Outcast  no  longer  Apple's  latest  OS  means 

maaging  Macs  is  no  longer  an  isolated  event  PAGE  10. 


(?§)  VoIP  taking  its  time  VocalTec  CEO  Eton 

T  Ganor  explains  why  the  uptake  of  VoIP  has  been  slow  PAG*:  30 


etworkWon 


The  leaer  in  network  knowledge  ■  www.nwfusion.com 


December  2,  2002  ■  Volume  19,  Number48 


EARLY 
ADOPTERS 

How  organizations  are  exploiting 
the  latest  network  technologies. 

Is  )t  everyone  is  lying  low,  waiting  for  the 
economy  to  turn  around.  Plenty  of 
<  >mpanies  are  embracing  technologies 
such  as  IP  telephony,  wireless  LANs, 
c  tical  networks  and  Web  services  in  an 
ffort  to  emerge  stronger  than  ever  — 
nd  stronger  than  more-conservative 
c  mpetitors — when  the  rebound  comes. 
F  id  out  how  these  innovators  are  cutting 
costs,  smoothing  operations,  better 
erving  customers  and  enabling  new 
business  opportunities. 
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10G  or  not  10G? 

That  is  the  question  regarding  high-speed  switch  products, 


■  BY  PHIL  HOCHMUTH 

If  you’re  looking  to  add  10  Giga¬ 
bit  Ethernet  to  your  corporate 
backbone,  you  might  want  to 
wait  for  the  next  generation  of 
switches  from  vendors  such  as 
Cisco,  Extreme  Networks  and 
Foundry  Networks  to  ensure 


you’re  getting  the  most  bang  for 
your  buck. 

That’s  because  most  existing 
Ethernet  boxes  have  a  kink:  they 
really  only  deliver  8G  bit/sec. 
Vendors  will  make  up  for  that 
speed  with  next-generation  chas¬ 
sis  upgrades  —  which  could 
come  as  early  as  next  year. 


Although  some  currently  offer 
10G  Ethernet  modules, “most  ven¬ 
dors  are  using  switch  chassis  that 
were  designed  three  or  four  years 
ago  to  support  Gigabit  Ethernet," 
says  David  Newman,  president  of 
Network  Test,  an  independent  net¬ 
work  equipment  test  lab  and  a 
member  of  Network  World’s 
Global  Test  Alliance. 

“Different  boxes  are  designed  in 
different  ways  . . .  but  the  most 
bandwidth  many  of  these  prod¬ 
ucts  can  offer  is  8G  bit/sec  of 
capacity”  at  best,  he  says.  New¬ 
man  adds  that  this  limitation  is 
because  most  chassis  were  de¬ 
signed  with  8G  bit/sec  interfaces 
between  module  slots  and  the 
chassis’  switching  fabric. 

Another  industry  watcher  says 
even  8G  bit/sec  is  generous.  Bad 
implementations  of  features  such 
as  flow  control,  which  regulates 
SeelOG,  page  16 


Alcatel  switches  stack  up 

'Virtual  chassis’  offerings  boast  failover,  flexibility. 

■  BY  PHIL  HOCHMUTH 

CALABASAS,  CALIF  —  Alcatel  this  month  is  scheduled  to  start 
offering  stackable  10/100M  bit/sec  Ethernet  switches  that  pack 
much  of  the  punch  of  enterprise  chassis-based  boxes. 

Alcatel  lags  behind  3Com,  Cisco  and  Nortel  in  getting  into  the 
“virtual  chassis”switch  market,  but  at  the  same  time  leapfrogs  them 

See  Alcatel,  page  14 


MasterCard  factors  9/11 
into  disasterrocovery  plan 


■  BY  ELLEN  MESSMER 

O’FALLON,  MO.  —  MasterCard 
International,  which  last  year 
opened  a  gleaming  $160  million 
data-processing  campus  in 
Missouri,  is  gearing  up  for  its  next 
challenge:  building  a  back-up 
and  disaster-recovery  site  de¬ 
signed  for  the  age  of  terrorism. 

The  card-processing  giant  cur¬ 
rently  maintains  a  back-up  oper¬ 
ation  at  an  unspecified  Long 
Island, N.Y,  location, but  the  Sept. 
1 1  terrorist  attacks  last  year  on  the 


World  Trade  Center 
spurred  MasterCard 
to  rethink  its  disas¬ 
ter-recovery  plans. 

And  a  factor  it  had 
to  take  into  account 
is  that  the  Federal 
Reserve  and  the 
Securities  and  Ex¬ 
change  Commis¬ 
sion  are  pushing  for 
new  rules  that, 
among  other  things, 
would  mandate  a  two-hour  re¬ 
covery  time  for  financial  ser¬ 


vices  companies’ 
systems. 

MasterCard,  which 
processes  about  $1 
trillion  annually 
over  its  global  Bank- 
Net  VPN,  likely  will 
build  its  new  back¬ 
up  facility  about  300 
miles  from  the  new 
data-processing 
center  —  the  min1 
mum  distance  the 
federal  government  wants 

See  MasterCard,  pg?  H 


MasterCard's  Artie 
Ahrens  is  bulking  up 
the  credit  giant's  back¬ 
up  plans. 


Can  the  servers  har 


Anything  can  happen  to  your  infrastructure.  Make  sure  it  scales.  Today’s  business  world 

is  a  roller  coaster  ride  of  ups,  downs,  and  complete  unknowns,  and  the  companies  that  adapt  to  this  climate  are  the 
companies  that  will  thrive.  In  this  kind  of  environment,  where _ can  happen  at  any  moment,  it  is  increasingly 


important  that  your  infrastructure  provides  the  headroom  and  ability  to  increase  or  decrease  capacity  as  necessary 
almost  instantly.  Here's  how  the  Microsoft®  platform  can  help  you  get  there: 


Scalability  world  records  and 
price-performance  leadership 


The  Windows  Server  family  holds  the  world 
performance  records  in  the  TPC-C  and  TPC-W 
benchmarks,  which  measure  transactions 
per  minute,  and  Web  interactions  processed 
per  second,  respectively.  In  TPC-C  price- 
performance  benchmarks  of  clustered  solutions, 
Microsoft  has  the  top  four  results,  and  six  of 
the  top  ten.  In  tests  of  non-clustered  systems, 
Microsoft  solutions  earned  the  top  ten  spots  in 
price-performance.  In  a  head-to-head  comparison 
of  the  best  non-clustered  results  on  Windows 
Server/SQL  Server  2000  Enterprise  Edition 
and  the  best  Sun  Microsystems  result,  the 
Microsoft  solution  topped  Sun  in  performance 
by  360  percent,  at  a  cost-per-transaction 
that  is  42  percent  lower? 


Scaling  up:  Getting  the  superior 
performance  you  need 


Today,  many  companies  have  accumulated  large 
quantities  of  servers,  due  to  new  applications, 
growing  data  requirements,  and  through  mergers 
and  acquisitions.  Consolidating  these  large 
numbers  of  servers  onto  fewer  servers  (known  as 
“scaling  up")  can  help  reduce  the  time  and  effort 
needed  to  manage  the  servers  while  increasing 
performance.  Also,  many  of  today’s  most  popular 
ERP,  CRM,  and  business  intelligence  applications 
are  architected  to  perform  best  on  a  “scale-up’,’ 
single  image  server.  Microsoft  Windows  2000 
Datacenter  Server  and  SQL  Server  2000 
Enterprise  Edition  are  designed  to  efficiently 
utilize  hardware  resources  within  a  single  image, 
and  can  scale-up  to  32  processors  and  32  GB 
of  memory.  All  of  which  means  that  if  you  need 
to  consolidate  your  workload  or  deploy  large 
databases,  the  Microsoft  platform  can  deliver. 


SK  i 


•Results  from  the  Transaction  Processing  Performance  Council  (www.tpc.org)  as  of  10/22/02.  Comparison  of  Microsoft  Windows  .NET  Server  2003  Datacenter  Edition  and  SQL  Server  2000  Enterprise  Edition  versus  Sun  Microsystems  based  on  the  following  two  results:  NEC  TX7/i9510.  308621  tpmC.  14.96  $/tp.r 
The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 


die  that?” 


Scaling  out:  Adding  capacity  when 
you  need  it,  where  you  need  it 

With  today’s  unpredictable  business  climate, 
your  computing  capacity  requirements  can 
change  quickly  and  dramatically.  Distributing  the 
computing  workload  among  multiple  servers, 
with  the  ability  to  add  or  subtract  servers 
to  increase  or  decrease  capacity,  helps  you 
optimize  your  resources.  "Scale  out”  scenarios 
are  typically  ones  in  which  applications  are 
architected  for  distributed  processing,  such  as 
Web  infrastructure  and  application  servers.  The 
Microsoft  platform  supports  both  clustering  and 
network  load  balancing  (NLB),  and  Windows 
2000  Advanced  Server  can  support  up  to  32 

servers  in  NLB  scenarios.  In  addition,  with  “ JetBlue  is  using  the  Microsoft  Server  Platform  to  enable  hardware 

Application  Center  2000  you  can  manage  a  consolidation,  achieve  better  price- performance,  decrease  IT  support 

farm  of  servers  as  one  server,  simplify  your  costs,  and  reduce  application  development  time.  The  scalability  of  our 

management  processes,  and  enable  a  reduction  Microsoft-based  infrastructure  gives  us  the  confidence  that  we  are  ready 

in  complexity.  So  if  you  need  a  flexible,  scalable  to  handle  today’s  usage  spikes  as  well  as  future  growth 

environment,  the  Microsoft  platform  is  ready.  _  Jeff  Cohen.  Vice  President  &  CIO.  JetBlue  Airways 

For  a  Server  Consolidation  Kit,  webcasts,  and  other  information  that  can  help  you  get  your  infrastructure  scalable  enough  for 
_ _  visit  microsoft.com/enterprise/scalability  Software  for  the  Agile  Business. 
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Is  your  enterprise  network 
on  the  right  track? 

Truth  is,  your  enterprise  network  runs  on  multiple  tracks.  Hopefully  headed  in  the 
same  direction.  You  know  where  you  need  to  go  -  local  to  global,  legacy  to  leading 
edge,  separate  systems  to  an  integrated  platform. 

What’s  the  best  way  to  get  there?  AT&T’s  enterprise  network  solutions.  Providing 
the  reach,  stability,  and  resources  to  help  move  your  business  forward. 

Whether  you  are  looking  for  an  intranet,  extranet,  or  e-infrastructure  connection, 
you  can  rely  on  AT&T  to  help  put  you  on  the  fast  track  to  business  success. 


There’s  never  been  a  better  time  to  call  AT&T. 

Contact  your  AT&T  Account  Representative  or  call  I  866  365-2342, 

or  visit  www.att.com/networking. 
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Top  ISP  Report  -  October 

Is  your  ISP  measuring  up?  Find  out  with  our  Top  ISP  Report,  a  venture 
between  Network  World  and  eTesting  Labs'  Internet  BenchMark  service. 
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Cool  Tools  at  Comdex  video 

Network  World  Cool  Tools  columnist  and  Senior  Reviews  Editor  Keith  Shaw 
scoured  the  Comdex  floor  for  the  latest  and  coolest  products  on  display. 
See  and  hear  what  hot  new  gear  will  soon  be  available  to  you. 

DocFinder:  3340 

Network  Encyclopedia 

Get  definitions  for  the  technologies,  hardware,  protocols,  standards  and 
more  behind  networks. 

DocFinder:  3341 
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Future-proof  your  network 

Are  you  considering  upgrading  to  10G  Ethernet  or  folding  voice  into 
your  IP  network?  Attend  our  Town  Meeting,  "State  of  the  LAN/MAN: 
Re-engineering  for  Today's  Enterprise  Demands,”  to  discover  how  to 
expand  your  LAN  today. 

DocFinder:  3146 
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Compendium 

Death  of  'Net  imminent 

Fusion  Executive  Editor  Adam  Gaffin  reports  the  disturbing 
news  that  Barbie  (yes,  that  Barbie)  now  has  a  Weblog. 

DocFinder:  3342 

SOHO  Tech 

Leave  your  PDA  at  home 

Columnist  James  Gaskin  shows  how  putting  your  contacts 
database  online  provides  access  from  anywhere. 

DocFinder:  3343 

Home  Base 

Life  after  Arthur  Andersen 

Columnist  Jeff  Zbar  examines  an  audit  team  that  found  a  new 
corporate  home,  with  flexible  work  arrangements  intact,  post- 
Enron  DocFinder:  3344 

The  Bleeding  Edge 

Columnists  Daniel  Briere  and  Claudia  Bacco  say  wireline 
providers  are  facing  some  challenges  in  the  not-too-distant 
future. 

DocFinder:  3345 
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DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Experts  flag  security  flaw  in  Solaris 

■  A  vulnerability  in  Solaris  puts  systems  running  the  Sun  operating 
system  at  risk  of  being  taken  over  by  an  attacker,  experts  warned  last 
week.  A  buffer  overflow  flaw  lies  in  Sun’s  implementation  of  the  X 
Windows  Font  Service,  which  serves  font  files  to  clients  and  runs  by 
default  on  all  versions  of  Solaris,  according  to  advisories  that 
Internet  Security  Systems  and  CERT/Coordination  Center  issued.  By 
formulating  a  specific  XFS  query  remote  attackers  could  crash  the 
service  or  run  arbitrary  code  with  the  privileges  of  the  “nobody 
user’’  This  privilege  level  is  limited  and  similar  to  that  of  a  normal 
user.  But  after  gaining  access  an  attacker  could  use  privilege  esca¬ 
lation  flaws  to  attain  root  status,  the  highest  privilege  level,  ISS  said. 
Sun  told  ISS  and  the  CERT/CC  that  it  is  working  on  a  software 
update.  Meanwhile,  ISS  advises  users  to  disable  XFS  unless  it  is 
required  and  to  investigate  firewall  settings.  (See  story  on  Sun  re¬ 
leasing  Solaris  9  for  Intel-based  servers  and  workstations,  page  13.) 

Siebel's  comment  to  prove  costly 

■  The  Securities  and  Exchange  Commission  last  week  took  its  first  enforcement  actions 
under  a  fair  disclosure  rule  enacted  in  2000,  citing  Siebel  Systems  for  violations.  On  Nov. 
5, 2001,Siebel  CEO  Tom  Siebel  told  attendees  at  an  invitation-only  Goldman  Sachs  con¬ 
ference  that  he  was  optimistic  because  Siebel’s  business  was  returning  to  normal.That  was 
in  contrast  to  his  statements  three  weeks  earlier  that  the  IT  market  was  tough  and  the 
company  expected  to  face  that  climate  for  the  rest  of  the  year,  according  to  the  SEC. 
Siebel’s  cheery  remarks,  to  which  most  investors  had  no  access,  pushed  Siebel’s  share 
price  up  about  20%  higher  than  the  previous  day’s  close.  Regulation  full  disclosure  bars 
companies  from  selectively  disclosing  material  information  before  releasing  the  informa¬ 
tion  publicly  The  SEC  has  filed  a  cease-and-desist  order  against  Siebel.  It  also  has  sought 
in  federal  court  a  $250,000  fine  for  the  infraction,  a  penalty  to  which  Siebel  has  agreed, 
according  to  the  SEC.  The  commission  also  took  action  against  Raytheon  and  its  CFO, 
Franklyn  Caine,  and  Secure  Computing  and  its  CEO,  John  McNulty,  for  similar  violations. 

Hitachi,  Network  Appliance  offer  gateway 

■  Storage  vendor  Hitachi  Data  Systems  is  expected  to  announce  this  week  that  it  has 
partnered  with  Network  Appliance  to  create  a  storage-area  network/network-attached 
storage  gateway  for  enterprise  customers  who  want  to  view  block-level  data  on  the 
Hitachi  Lightning  9900  Series  arrays  from  a  file-oriented  Network  Appliance  file  server. 
Hitachi’s  fortunes  have  improved  in  the  past  year.  According  to  AG  Edwards,  at  the  end 
of  the  third  quarter,  Hitachi  had  overtaken  EMC  in  the  high-end  RAID  market  with  a 
38.7%  market  share  compared  to  EMC’s  37.8%  slice. 

Senators  tout  new  broadband  legislation 

■  A  bill  expected  to  be  introduced  in  the  U.S.  Senate  early  next  year  is  being  pro¬ 
moted  to  encourage  the  expansion  of  broadband  Internet  access  by  making  more 


COMPENDIUM 

Better  than  a  Pringles  Wi-Fi  antenna 

The  Cantenna  is  a  Wi-Fi  antenna  that  looks  just  like  one  of  those  you'd  make  with  a 
potato-chip  can,  only  without  all  the  messy  potato-chip  oil. 

Read  more  at  DocFinder:  www.nuifusion.com ,  DocFinder:  3339. 
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<g>  E-comm  growth  spurt  U.S.  online  retail  sales  in  the 
third  quarter  jumped  34.3%,  representing  the  largest  year-over-year 
gain  since  the  first  quarter  of  2001,  according  to  the  U.S.  Commerce 
Department.  The  $11  billion  in  receipts  represented  1.3%  of  total  retail 
sales,  up  from  1.1%  the  year  before. 


BRIAN  GAIDRY 


Worst  year  ever.  The  worldwide  IT  industry  suffered  its 
largest  decline  ever  in  2002,  with  revenue  falling  2.3%  from  the  previous 
year,  according  to  IDC.  Major  contributors  to  the  decline  included  a  drop¬ 
off  in  computer  systems  sales,  network  equipment  and  professional 
services.  However,  IDC  expects  the  $875  billion  dollar  IT 
recover,  with  a  growth  rate  of  more  than  5%  next  year. 


Piracy  doesn't  pay.  a  52-year-oid 

Taiwanese  woman  who  pleaded  no  contest  in  one  of 
the  largest  software  piracy  cases  in  U.S.  history 
has  been  sentenced  to  nine  years  in  prison.  Usa  Chen 
was  arrested  along  with  three  associates  in  November 
2001  after  local  sheriffs  seized  hundreds  of  thousands 
of  copies  of  pirated  software  worth  between  $75  million 
and  $98  million  that  Chen  and  her  associates  were 
believed  to  have  smuggled  into  the  country 
from  Taiwan.  Microsoft's,  Symantec's  and 
other  vendors’ 


broadcast  spectrum  available  to  devices  that  incorporate  new  technologies  such  as 
wireless  LAN  connectivity  Sen.  Barbara  Boxer  (D-Calif.)  and  Sen.  George  Allen  (R-Va.) 
are  spearheading  the  effort. 

The  Boxer-Alien  proposal  would  require  the  Federal  Communications  Commission 
to  make  more  broadcast  spectrum  available  to  devices  that  incorporate  new  tech- 
nologies.The  bill  also  would  require  the  FCC  to  develop  guidelines  for  the  expanded 
portion  of  the  broadcast  spectrum  that  these  devices  would  use,  to  avoid  signal  con¬ 
gestion  and  interference.  Current  regulations  limit  wireless  LANs  and  similar  tech¬ 
nologies  to  a  small  portion  of  the  spectrum,  which  in  turn  limits  their  development, 
Boxer  said.  Another  goal  of  Boxer  and  Allen’s  legislation  is  to  give  people  in  rural  com¬ 
munities  new  ways  of  accessing  the  Internet. 

A0L  prepares  to  take  on  Outlook 

■  AOL  is  developing  a  stand-alone  e-mail  client  with  integrated  instant-messaging  soft¬ 
ware,  presumably  aimed  at  competing  with  Microsoft’s  Outlook  application.  Dubbed 
AOL  Communicator,  the  software  is  targeted  at  heavy  users  of  AOLs  Instant  Messenger 
and  advanced  e-mail  users,  an  AOL  spokeswoman  confirmed  last  week.  Communicator 
is  in  the  early  beta-testing  phase,  and  it  is  too  early  to  say  what  features  the  product  will 
have  or  when  it  will  be  released,  the  company  said.  AOLs  move  into  the  stand-alone  e- 
mail  market  could  enable  it  to  hit  three  birds  with  one  stone  —  letting  the  Internet  giant 
grab  more  corporate  users, diversify  its  revenue  stream  and  nip  at  one  of  rival  Microsoft’s 
strongholds.  The  ISP  recently  launched  a  corporate  instant-messaging  product,  just  as 
Microsoft  was  preparing  to  unveil  its  own. 


At  Sun,  our  goal  is  to  drive  costs  and  complexity  out  of  the  data  center.  Our  vision  for  N1 
is  to  drive  up  utilization  of  the  servers  you  already  own  and  get  them  operating  together 
like  a  seamless,  single  system. 

Instead  of  having  systems  administrators  manually  reconfigure  and  re-cable  servers 
every  time  there’s  a  need  to  shift  or  add  new  resources,  imagine  a  single  person  able  to 
manage  these  changes  from  a  single  workstation. 

Instead  of  managing  individual  servers,  imagine  if  your  IT  staff  could  better  support  your 
business  objectives  by  responding  in  real  time  to  the  accounting  rush  at  the  end  of  the 
quarter.  Or  to  the  10,000  customers  clamoring  for  your  newest  services.  They  would 
transform  themselves  from  systems  administrators  to  proactive  service  providers. 

Our  ultimate  goal  with  N1  is  to  transform  your  data  center  into  a  strategic  weapon.  When 
your  computing  resources  are  working  together  as  one,  you  become  your  competition’s 
worst  nightmare.  You  can  add  services  faster  than  they  can.  Handle  more  customers  than 
they  can.  Keep  up  with  the  ever-increasing  demand  for  information  and  services.  With  N1, 
you’re  not  just  playing  to  win.  You  are  winning. 


To  see  the  future  of  the  data  center,  visit  SXJN.COM/WHYKOT 
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New  OS  creating  Macintosh  converts 

Unix-based  Mac  OS  X  10.2  offers  network  executives  more  familiar  administrative  tools. 


r 

OS  X  10.2  includes  many  networking  features  that 
simplify  management  in  heterogeneous  networks. 

Feature  supported 

Based  on  Free  BSDMACH 

3.0  kernel 

Operating  system  based  on  Unix 
version;  uses  same  Unix/Linux 
management  tools. 

IP-native  networking 

Integration  with  other  networks. 

Active  Directory  and 
Lightweight  Directory 
Access  Protocol 

Integration  with  other  networks. 

SNMP 

Management  from  systems/ 
network  management  frameworks. 

Journaled  file  system 

Supports  larger  file  sizes. 

FTP,  Remote  Secure  Shell 

File  transfer  and  remote  access. 

Point-to-Point  Tunneling 
Protocol-based  VPN  client, 
Kerberos  authentication 

Secure,  authenticated  remote  access. 

IPv6/lPSec  support, Trans¬ 
port  Layer  Security 

Security  across  Internet. 

Portable  Authentication 
Module 

Unix/Linux  authentication  support. 

POP-enabled  mail 

Easier  connection  to  Microsoft 
Exchange  and  other  mail  servers. 

Rendezvous  networking 

Easier  IP-based  Macintosh  networking. 

■  BY  DENI  CONNOR 

Macintosh  servers  and  worksta¬ 
tions  might  no  longer  be  the 
black  sheeps  of  network  and  sys¬ 
tems  management. 

The  reason,  IT  executives  say  is 
that  a  new  version  of  Apple’s 
Unix-based  operating  system  — 
Macintosh  OS  X  10.2  —  is  giving 
them  the  long-sought-after  tools 
to  bring  these  machines  into  the 
management  nuclear  family 

“Macs  and  management.  Have 
you  ever  heard  the  expression 
'like  herding  cats’?”  asks  Shane 
Wilson,  coordinator  of  network 
services  at  Centre  College  in 
Danville,  Ky  “Macs  have  always 
been  this  way?’ 

The  advent  of  Mac  OS  X  10.2, 
however,  is  changing  that  attitude. 
Network  managers  who  formerly 
managed  Macs  with  proprietary 
software  and  hardware  can  now 
use  some  of  the  same  software 
they  used  for  their  Intel-  or  RISC- 
based  servers  and  workstations  to 
manage  Macs.  Mac  OS  X  for  the 
first  time  really  supports  stan- 
dards-based  enterprise  qualities 
such  as  security,  protocols  and 
tools,  which  make  management 
easier. 

Familiar  tools 

The  Mac  OS  X  (pronounced  OS 
10)  supports  many  of  the  same 
applications  and  command-line 
tools  that  IT  managers  use  to  con¬ 
figure,  install  and  manage  Win¬ 
dows,  Linux  and  Unix  machines. 


That’s  passible  because  OS  X,  un¬ 
like  OS  9,  is  built  on  FreeBSD,  an 
open  source  operating  system  for 
Intel,  Alpha  and  FbwerPC-based 
servers  that  is  based  on  BSD  Unix, 
an  implementation  of  Unix  devel¬ 
oped  at  the  University  of  Cali¬ 
fornia,  Berkeley 

“The  deployment  of  Mac  OS  X  is 
the  primary  reason  for  the  sud¬ 
den  attraction  of  Macs  at  our  or¬ 
ganization,”  says  David  Bratt,  tech¬ 
nology  architect  for  H.Lee  Moffitt 
Cancer  Center  in  Tampa,  F1a."The 
researchers  with  Unix  worksta¬ 


tions  like  it  because  it  is  basically 
FreeBSD  with  a  [Windows-like 
graphical]  interface.  Now  that  we 
have  the  quasi-Unix  look  and  feel 
with  Mac  OS  X,  we  have  several 
options  for  managing  Macs.” 

The  newest  version  of  the  Mac¬ 
intosh  operating  system  is  caus¬ 
ing  network  executives  to  re¬ 
examine  long-held  assumptions. 

“We  are  currently  looking  at  our 
future  and  determining  where 
Macs  will  fit  and  how  we’ll  sup¬ 
port  them,”  Bratt  says.  He  says 
Macs  are  being  installed  more 
often  in  Moffitt’s  research  divi¬ 
sion,  where  they  are  used  for 
computationally  intense  bioinfor- 
matic  applications  that  are  often 
written  for  Linux  or  Macintosh 
servers  and  workstations. 

Bratt  has  a  mixed  network  with 
Linux  and  Windows  NT  servers 
and  one  Apple  Xserve  server,  and 
an  assortment  of  900  client  work¬ 
stations  that  he  backs  up  with 
Veritas  Software’s  NetBackup. 
More  than  100  of  his  workstations 
are  Macs.  Bratt’s  IT  staff  also  uses 
an  inexpensive  shareware  prod¬ 
uct  from  Famatech,  called  Re¬ 
mote  Administrator,  to  remotely 
manage  and  install  software  on 
the  company’s  Windows,  Macin¬ 
tosh  and  Linux  workstations.  Re¬ 
mote  Administrator  starts  at  $35. 

“Mac  OS  X  has  all  the  commu¬ 
nications  and  network/systems 
management  tools  BSD  Unix 
has,  so  it  can  integrate  quite 
tightly  into  a  TCP/IP  network,” 
says  Dan  Kuznetsky,  research 


director  for  1DC. 

Another  user  says  that  remotely 
managing  Mac  servers  and 
workstations  is  much  easier 
now  that  he  has  upgraded  his 
Macintosh  workstations  to  Mac 
OS  X  from  OS  9. 

“Most  of  our  workstations  are 
now  running  OS  X,so  we  do  more 
remote  maintenance  on  those 
systems  than  we  did  with  OS  9," 
says  Tim  Price,  IT  specialist  for 
Architectural  Research  Consul¬ 
tants  in  Albuquerque,  N.M. 

Price  has  a  mix  of  Windows, 


Linux  and  Mac  servers  and  work¬ 
stations  in  his  network  that  run 
open  source  MySQL  and  Post- 
greSQL  databases. 

As  the  boundaries  of  manage¬ 
ability  have  been  stretched  with 
Mac  OS  X,  Macintosh  users  have 
for  a  long  time  been  able  to  store 
files  and  share  printing  on  Net¬ 
Ware,  NT  and  Unix  networks. 
They’ve  been  able  to  be  backed 
up  with  the  same  software  that 
works  with  other  operating  sys¬ 
tems  and  to  access  applications 
running  on  these  operating  sys¬ 
tems  with  products  such  as 
Samba  or  Citrix’s  MetaFrame  ter¬ 
minal  services  software. 

Casey  Riddell  has  used  Macs, 
Windows  and  Solaris  worksta¬ 
tions  with  business-critical  appli¬ 
cations  for  the  last  six  months. 

“I  have  a  Citrix  server  for  the 
Macs  to  get  all  of  their  needed  ap¬ 
plications  such  as  [enterprise  re¬ 
source  planning]  and  proprietary 
applications  [from  Windows],” 
says  Riddell,  network  systems  ad¬ 
ministrator  for  Anchor  Group,  an 
apparel  manufacturer  in  Sacra¬ 
mento,  Calif. 

Riddell  uses  the  Mapics  ERP  ap¬ 
plication  with  Windows  and  Mac¬ 
intosh  clients.  He  explains  that 


even  though  he  has  not  always 
been  a  fan  of  Macs  in  his  net¬ 
work,  he  is  softening  with  the  ad¬ 
vent  of  Mac  OS  X. 

“Recently  with  Apple’s  OS  X,  I 
have  completely  changed  my 
stance,  and  1  am  seriously  con¬ 
sidering  the  new  XServe  servers 
for  a  few  minor  Web  projects,” 
Riddell  says. 

Back-up  tools  and  applications 
aside,  the  management  tools 
Apple  offers  for  managing  Macs 
in  heterogeneous  environments 
have  been  limited.  However,  IT 
managers  now  can  rely  on  famil¬ 
iar  command-line  utilities  and  ap¬ 
plications  such  as  FTP  which  lets 
IT  managers  transfer  files,  patches 
or  applications  from  one 
machine  to  another. 

Growing  security 

Mac  OS  X  also  supports  Remote 
Login, a  command-line  utility  that 
uses  a  Telnet  connection  or  Se¬ 
cure  Shell  (SSH)  for  authentica¬ 
tion  and  lets  IT  managers  log  on 
to  a  workstation  or  server  as  if  it 
were  a  local  machine.  The  SSH 
utility  which  incorporates  Secure 
Sockets  Layer,  also  lets  them  dis¬ 
tribute  Unix  scripts  or  run  Apple’s 
NetBoot  or  Network  Install  to 


Macs  and  management  Have  you  ever 
heard  the  expression  like  herding  cats? 
Macs  have  always  been  this  way." 

Shane  Wilson 

Coordinator  of  network  services,  Centre  College 


remotely  boot  PCs  or  distribute 
software  to  client  workstations. 

For  authentication  and  encryp¬ 
tion,  Mac  OS  X  supports  Windows 
Active  directory  and  uses  Win¬ 
dows  password  authentication, 
and  Kerberos,  letting  IT  managers 
securely  manage  remote  Mac 
desktops  as  clients  on  Windows 
networks.  In  addition,  Apple  re¬ 
cently  added  a  journaling  file  sys¬ 
tem  to  Mac  OS  X,  which  allows 
larger  file  sizes  and  increases  in 
performance. 

The  possibilities  for  manage¬ 
ment  don’t  stop  with  file  transfer 
and  identity  management,  Apple 
says.  Mac  OS  X  supports  IPv6,  IP 
Security  and  SNMP  letting  appli¬ 
cations  that  use  those  protocols 
potentially  support  Macs. 

“You  send  out  the  SNMP  traps 
for  anything  you  want  to  moni¬ 
tor,  [gather  information  in],  so 
you  don’t  have  to  live  in  front  of 
the  console,”  Moffitt  Center’s 
Bratt  says. 

Hewlett-Packard  is  among  the 
first  vendors  to  embrace  the  new 
Mac  OS.  The  company’s  SNMP- 
based  OpenView  network,  sys¬ 
tems  and  storage  management 
includes  support  for  Macintosh 
servers  and  clients. 

As  for  IT  managers  using  Apple 
boxes  to  manage  Windows,  Net¬ 
Ware,  Linux  or  Unix  servers  and 
workstations,  the  company  says 
it’s  not  going  to  happen.Apple  has 
no  plans  to  include  that  type  of 
management  in  its  products; 
instead,  a  spokesman  says,  the 
company  will  rely  on  third-party 
vendors  such  as  HP  to  support 
those  capabilities.  ■ 
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■  THIS  WEEK’S  QUESTION: 


Nokia  traces  its  roots  to 
a  company  started  in 
1865  in  what  industry? 

Answer  the  and  nine  addUonal  questions 
online  and  you  could  win  $500!  Visit 

lUtwwi  World  Fusioo  and  enter  2349 
in  the  Sgarch  ^ox. 

www.nwfljsion.com 
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anvware”  The  downside:  your  walk  through  the  parking  lot  was  long.  The  upside:  it  gave  you  time 
to  think  about  a  way  to  eliminate  the  high  cost  and  hassles  of  overnight  delivery. 

And  lo  and  behold,  you  found  it:  Canon  imageRUNNER™  technology.  It  lets  you  send  documents  anywhere,  in  any  form,  at  any  time, 
over  your  network  or  the  Internet.  Instantaneously.  Just  scan  a  document  into  the  imageRUNNER  and  send  it -to  desktops,  E-mail 
addresses,  fax  machines,  databases  and  file  servers.  All  of  which  results  in  lowered  costs  and  increased  productivity.  So,  take  pride. 
Thanks  to  Canon  know-how,  your  walk  through  the  parking  lot  is  considerably  shorter.  1 -866-25-CANON  www.imagerunner.com 


Canon  is  a  registered  trademark  and  IMAGERUNNER  and  Canon  Know  How  are  trademarks  of  Canon  Inc.  IMAGEANYWARE  is  a  service  mark  of  Canon  U.SA.  Inc.  C2002  Canon  U.SA.,  Inc 
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Bank  of  America  chooses  Sigaba 


■  BY  CAROLYN  DUFFY  MARSAN 

Bank  of  America  has  awarded  Sigaba,  a 
San  Mateo,  Calif.,  start-up,  a  multimillion- 
dollar  deal  that  industry  observers  say  is 
one  of  the  largest-ever  enterprise  pur¬ 
chases  of  secure  messaging  software. 

Sigaba  will  provide  secure  e-mail  gate¬ 
ways,  secure  e-mail  applets,  authentica¬ 
tion  adapters  and  encryption  services  to 
Bank  of  America  under  the  terms  of  the 
five-year  contract  (the  exact  amount  of 
the  deal  was  not  disclosed).  Bank  of 
Americas  IT  staff  evaluated  products  from 
27  companies  for  the  secure  messaging 
deal,  which  took  two  years  to  award. 

Industry  analysts  say  the  deal  is  a  sign 
that  the  secure  email  market  is  picking  up 
steam.  The  technology  and  standards  to 
support  secure  e-mail  have  been  available 


for  some  time,  but  few  companies  could 
justify  the  cost. 

Charles  Kolodgy  research  manager  for 
security  products  at  IDC,  says  companies 
are  being  driven  to  purchase  secure  mes¬ 
saging  software  by  new  privacy  regula¬ 
tions  including  the  Gramm-Leach-Bliley 
Act  in  the  financial  services  industry  and 
the  Health  Insurance  Portability  and  Ac¬ 
countability  Act  in  the  healthcare  industry 

“The  Bank  of  America  deal  is  significant 
because  somebody  is  putting  down  some 
big  bucks  for  five  years  on  this  project,” 
Kolodgy  says.“This  is  probably  the  largest- 
ever  dedicated  secure  messaging  pur¬ 
chase.  Even  the  U.S.  government  hasn’t 
bought  anything  this  big.” 

Federal  regulation  was  at  the  center  of 
Bank  of  Americas  decision. 

“Compliance  with  the  Gramm-Leach- 


GSA  to  keep  vigilant  with 
patch-notification  service 

■  BY  ELLEN  MESSMER  ,  ™  'IT’ 


WASHINGTON,  D.C.  —  The  U.S.  General 
Services  Administration  last  week  began 
offering  federal  civilian  agencies  a  way  to 
keep  track  of  new  software  patches  so  that 
they  can  apply  them  before  hackers  exploit 
known  vulnerabilities. 

The  free  service  is  being  offered  to  agen¬ 
cies  that  register  through  the  GSAs  Federal 
Computer  Incident  Response  Center 
(FedCIRC),  the  division  that  notifies  the 
GSA  and  other  civilian  agencies  of  impor¬ 
tant  security  incidents.  The  service  is 
based  on  a  customized  version  of  Se- 
curelnfo’s  patch-management  product, 
InSite  Enterprise  Vulnerability  Manage¬ 
ment,  which  will  be  hosted  at  Veridian 
Information  Solutions,  the  prime  contrac¬ 
tor  awarded  the  five-year,  $10.8  million 
contract  by  the  GSA. 

“It’s  no  secret  that  most  security  incidents 
could  be  avoided  if  managers  applies 
patches  for  known  vulnerabilities,”  says 
Sallie  McDonald,  assistant  commissioner 
for  the  Office  of  Information  Assurance 
and  Critical  Infrastructure  Protection  with¬ 
in  the  GSAs  Federal  Technology  Service. 

Keeping  track  of  all  the  vendor 
announcements  related  to  security  holes 
and  patches  for  them  is  a  daunting  task, 
particularly  for  an  organization  the  size  of 
the  federal  government.  The  GSA  says  it 
hopes  the  task  will  get  somewhat  easier 
through  the  online  FedCIRC  service 
because  the  security  administrators  will 
receive  information  related  only  to  the  spe¬ 
cific  applications  they  want,  rather  than  be 
overloaded  with  data  they  don’t  need. 

The  GSA  will  use  the  patch-notification 
service  to  make  sure  that  software  patches 
are  applied  methodically  across  agency 
computers.  The  service  will  be  voluntary 


Feeling  vulnerable 

A  report  issued  last  month  on 
security  weaknesses  at  24  federal 
agencies  said  the  GSA  found 
“sensitive  information,  such  as 
taxpayer  data,  Social  Security 
records,  medical  records  and 
proprietary  business  information 
could  be  inappropriately 
disclosed  or  browsed  or  copied.” 


for  other  agencies.  (One  large  agency,  the 
Veterans  Administration,  began  requiring 
its  sites  to  use  a  software  patching  service 
of  its  own.) 

Federal  agencies  expect  to  see  a  tighten¬ 
ing  of  security  requirements  under  the 
Homeland  Security  Act,  which  Congress 
passed  and  President  Bush  signed  into 
law  last  week.  It  officially  created  the 
Department  of  Homeland  Security,  ex¬ 
pected  to  combine  parts  of  55  agencies 
with  security  outfits,  including  the  GSAs 
FedCIRC. 

The  Homeland  Security  Act  also  came 
to  include  legislation  known  as  the 
Federal  Information  Security  Manage¬ 
ment  Act  (FISMA),  which  Rep.  Tom  Davis 
(R-Va.)  and  Rep.  Steve  Horn  (R-Calif.) 
introduced  earlier  this  year.  FISMA  will  be 
the  new  law  to  replace  the  Government 
Information  Security  Reform  Act,  which 
stipulated  agencies  had  to  periodically 
report  security  practices  to  the  Office  of 
Management  and  Budget  (OMB).  FISMA 
says  agencies  must  comply  with  any  new 
IT  security  guidelines  the  OMB  sets  forth 
in  tandem  with  the  National  Institute  of 
Standards  and  Technology.  ■ 


PROFILE:  SIGABA 

Location:  San  Mateo,  Calif. 
Founded:  2000 

Products:  Server  and  plug-in 
software  for  secure  messaging  and 
document  delivery. 

Financing:  $5M  in  venture  financing. 

Customers  include:  Cascade 

Bank,  Department  of  Agriculture  and 
National  Institutes  of  Health. 


Bliley  legislation  for  secure  transmission 
of  private  and  confidential  information 
led  us  to  conduct  a  detailed  evaluation  of 
the  underlying  security  in  the  vendor 
products,”  says  Wil  Koenig,  senior  vice 
president  of  technology  and  operations  in 
Bank  of  America’s  messaging  and  collab¬ 
oration  services  group. 

Koenig  says  the  other  top  priorities  for 
the  bank’s  secure  messaging  system  were 
“implementation  in  a  fashion  that  would 
not  impose  a  performance  degradation 
on  our  overall  e-mail  system  . . .  [and]  the 
ability  to  provision  the  service  in  a  man¬ 
ner  that  didn’t  require  our  customers  to 
download  any  software.” 

Bank  of  America  chose  Sigaba’s  soft¬ 
ware  to  ensure  the  secure  delivery  of  con¬ 
fidential  financial  information  via  its  exist¬ 
ing  e-mail  system,  which  is  based  on 
Microsoft  Exchange  2000. 

Sigaba  will  provide  Bank  of  America 
with  its  Secure  E-mail  Suite,  which  in¬ 
cludes  server  software  that  encrypts 
e-mail  messages  sent  from  one  organiza¬ 
tion  to  another  according  to  predeter¬ 
mined  policies.  Sigaba  also  will  provide 
the  “send  anywhere”  feature,  which  bun¬ 
dles  an  applet  inside  an  encrypted  e-mail 
that  lets  the  recipient  decrypt  the  mes¬ 
sage  regardless  of  the  e-mail  client  soft¬ 
ware  used. 

Sigaba’s  secure  e-mail  suite  starts  at 
$50,000  for  a  two-year  license  that  sup¬ 
ports  100  internal  and  100  external  users. 

Initially,  Bank  of  America  will  use 
Sigaba’s  software  to  send  encrypted 
e-mail  to  customers  of  its  Global  Treasury 
Services  division,  which  had  used  Pretty 
Good  Privacy  desktop-encryption  soft¬ 
ware.  This  initial  phase  of  the  Sigaba  roll¬ 
out  will  start  early  next  year  and  involve 
several  hundred  Bank  of  America 
employees. 

“We  have  a  number  of  businesses  [be¬ 
sides]  Global  Treasury  Services  that  are  in¬ 
terested"  in  the  Sigaba  products  to  meet 
Gramm-Leach-Bliley  requirements,  Koe¬ 
nig  says.  “I  suspect  we’ll  see  fairly  broad 
acceptance  across  the  company . .  This  is 
definitely  one  of  the  high-priority  items  on 
our  docket.” 

IDC’s  Kolodgy  estimates  secure  messag¬ 
ing  software  sales  will  be  less  than  $20 
million  in  2002. “This  deal  is  pretty  signifi¬ 
cant,"  he  adds.  ■ 
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Users  select  approval  or  deny 
commands  before  being  asked 
,  to  confirm  their  choices,  which 
will  update  the  directory. 


Approval  process 


BindView’s  bv-Admin  for  Windows  7.0  includes  the  ability 
to  create  a  Web-based  process  for  assigning  users 
access  privileges  that  are  stored  in  Active  Directory. 


Confirmation! 

You  «r»  about  to  appro* a  tha  following  tasks 
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Users  can  look  at  approvals 
they  have  to  authorize  or 
those  they  have  requested. 


HOUSTON  —  BindView  this  week  will  release  tools  for  eas¬ 
ing  delegation  and  deployment  tasks  for  those  managing 
Microsoft  Active  Directory  environments. 

While  bv-Admin  for  Windows  7.0  includes  features  for  migrat¬ 
ing  to  Windows  2000  and  Active  Directory  its  focus  is  on  making 
it  easier  to  maintain  Active  Directory  once  it  is  in  place.  Micro¬ 
soft’s  directory  technology  has  been  on  the  market  for  nearly 
three  years  but  remains  complex  to  set  up  and  administer. 

BindView’s  tools  compete  with  similar  offerings  from  Quest, 
NetlQ  and  Aelita,  but  all  are  finding  this  area  a  tough 
market,  some  experts  say. 

“BindView  and  the  others  have  very  necessary  pro¬ 
ducts,  but  given  the  economic  downturn  a  lot  of 
companies  are  bypassing  these  network  manage¬ 
ment  tools  and  trying  to  do  this  themselves,  which  is  a  mistake,” 
says  Laura  DiDio.an  analyst  with  The  Yankee  Group. 

“They  have  a  good  product,  but  the  support  service  could  be 
worth  its  weight  in  gold,”  DiDio  says. 

BindView  is  adding  approval-based  administration  that  mar¬ 
ries  the  action  of  adding,  changing  or  deleting  a  user,  group  or  re 
source  to  the  directory  with  a  workflow  approval  process.  For  ex¬ 
ample,  an  administrator  can  designate  that  a  new  user  needs  ac¬ 
cess  to  a  certain  database,  but  access  controls  in  the  directory  will 
not  be  activated  until  the  administrator  of  that  database  approves 
an  account  for  the  new  user. 

The  feature  sends  an  e-mail  to  whoever  must  approve  the  new 
user  account.The  e-mail  contains  a  link  to  a  Web  page  where  the 
approval  can  be  denied  or  granted,  triggering  an  update  in  the 
directory  or  a  notification  that  access  has  been  denied. 

BindView  also  has  added  a  Dynamic  Web  Bartal  feature,  which  is 
geared  toward  delegating  directory  administration.The  Web-based 
interface  uses  the  delegation  rules  in  Active  Directory  to  create  a 
customized  view  of  directory  information. 


“A  help  desk  worker  doesn’t  need  to  see  the  directory’s  organi¬ 
zational  units  and  all  the  sites  [on  the  network] ,  they  just  need  to 
change  passwords,” says  Carl  Meadows,  product  manager  for  Bind¬ 
View.  The  bv-Admin  software  has  had  a  Web-based  interface  but 
required  use  of  scripting  and  APIs  to  personalize  the  interface. 

BindView  also  has  added  support  for  migrating  Windows  NT  to 
Windows  .Net  Server  2003,  which  is  expected  to  ship  in  April. 
However,  the  software  will  not  support  migrations  from  Win  2000 
to  .Net  Server  2003  until  a  future  release.  In  addition,  bv-Admin  for 
Windows  7.0  is  being  offered  as  a  64-bit  application  that  would  run 
on  the  64-bit  version  of  .Net  Server  2003. 

BindView  expects  to  ship  bv-Admin  for  Windows  7.0  on  Dec.  2.  It 
is  priced  at  $11.95  per  user.  The  GPO  module  costs  $6.05 
per  user.  ■ 


■  BY  JOHN  FONTANA 
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Sun  move  placates  users 

Company  ships  Solaris  9  operating  system  for  Intel  servers. 


■  BY  DENI  CONNOR 

PALO  ALTO  —  Ending  nearly  a  year 
of  sometimes  cantankerous  debate  with 
its  users, Sun  appeased  its 
Unix  customers  when  it 
posted  on  its  site  a  down¬ 
loadable  early-access  ver¬ 
sion  of  its  Solaris  9  oper¬ 
ating  environment  for 
Intel-based  servers  and 
workstations. 

In  posting  the  early- 
access  version  of  Solaris  9 
12/02  X86  Platform  Ed¬ 
ition,  the  company  ended 
a  prolonged  debate  with 
its  users  over  whether 
Solaris  should  be  avail¬ 
able  on  Intel  platforms  as 
well  as  SPARC  systems. 

Sun  sparked  the  debate  in  January,  when 
it  announced  plans  to  halt  work  on  the 
Intel  version  of  Solaris  9,  choosing  to  focus 
instead  on  developing  the  new  operating 
system  only  for  its  own  UltraSPARC  pro- 
cessors.The  action  snubbed  users’  desire  to 
run  the  most  current  Solaris  operating  sys- 


Huge  turnout 

More  than 

1,300 

users  responded  to  a 
petition  asking  Sun  to 
re-up  development  of 
Solaris  on  the  X86 
platform. 


tern  on  less-expensive  Intel  servers  and 
workstations.  Users  reacted  by  advertising 
of  Sun’s  malfeasance  in  the  San  Jose 
Mercury  News,  asking  the  company  to  re¬ 
spond.  In  October,  Sun 
announced  it  would 
ship  Solaris  9  on  X86 
platforms. 

“I  was  a  pretty  un¬ 
happy  camper,”  says 
John  Groenveld,  asso¬ 
ciate  research  engi¬ 
neer  for  the  Applied 
Research  Laboratory  at 
The  Pennsylvania  State 
University  in  State  Col¬ 
lege,  Pa. “Sun’s  manage¬ 
ment  now  understands 
that  it  has  an  obliga¬ 
tion  to  its  customers  to 
provide  Solaris  on  Intel  platforms.” 

Groenveld  is  one  of  the  most  outspoken 
users  pushing  Sun  to  package  Solaris  9  on 
X86  systems.  In  the  Applied  Research 
Laboratory  he  has  six  SPARC-based  servers 
and  20  Intel  servers  that  run  Solaris  8,  Sun’s 
previous  version. 

Solaris  9  for  the  X86  platform  has  the 


same  features  as  its  SPARC-based  counter¬ 
part,  which  was  released  in  May  2002.These 
features  include  an  integrated  iPlanet 
Directory  Server;  Kerberos  and  Secure 
Shell  support;  Solaris  Volume  Manager;  soft¬ 
ware  for  controlling  and  allocating  systems 
resources;  and  increased  performance  for 
large,  multithreaded  applications. 

“This  is  a  great  first  step  for  Sun,”  Groen¬ 
veld  says.  “One  of  the  best  things  about 
Solaris  X86  is  it  allows  people  who  live  in  a 
SPARC  shop  at  work  to  have  the  same 
development  environment  at  home  or  in 
their  office  on  Intel  systems.”  Groenveld  is 
one  of  those  users.  He  develops  code  on  an 
X86-based  laptop  in  his  office  for  deploy¬ 
ment  on  the  SPARC-  and  Intel-based  ser¬ 
vers  in  the  laboratory 

Solaris  9  12/02  X86  Platform  Edition  runs 
on  a  variety  of  Intel-based  machines  and 
Sun’s  LX50  server. 

The  early-access  version  of  Solaris  9 
12/02  X86  Platform  Edition  is  download¬ 
able  from  www.nwfusion.com,  DocFinder: 
3346,  for  $20.  A  commercial  version  is 
expected  to  ship  this  month  for  $100, com¬ 
pany  sources  say. 

Sun:  www.sun.com 
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MasterCard 

continued  from  page  1 

allow,  says  Artie  Ahrens,  senior 
vice  president  of  computer 
and  network  operations  at 
MasterCard. 

The  New  York  disaster-recovery 
facility,  which  is  actively  involved 
in  a  portion  of  MasterCard’s  daily 
card-processing  tasks,  was  not 
damaged  by  the  Sept.  1 1  attacks. 
But  for  MasterCard,  a  new  reality 
became  evident.  The  company’s 
assumption  that  it  always  would 
be  able  to  fly  personnel  into  this 
disaster-recovery  site  if  neces¬ 
sary  was  wrong  in  that  attacks 
shut  down  air  travel  across 
the  country. 

“We’re  going  to  move  the  back¬ 
up  closer,  within  three  to  four 
hours’  driving  range,”  Ahrens 


says.  "And  we’re  going  to  be  able 
to  operate  it  remotely.  In  the 
existing  facilities  in  New  York, 
you  don’t  have  all  the  remote 
controls.  For  instance,  if  I’m  start¬ 
ing  a  job  on  a  mainframe  or 
monitoring  a  Unix  system  or 
reloading  software  today  some¬ 
one  has  to  sit  in  front  of  a  con¬ 
sole  in  New  York  or  here.” 

New  digs 

MasterCard  is  focused  on  get¬ 
ting  its  back-up  strategy  in  order, 
even  though  the  new  data-pro- 
cessing  facility  where  some 
2.000  IT  professionals’  work  is 
built  to  withstand  even  earth¬ 
quakes.  The  land,  in  a  rural  area 
outside  St.  Louis,  was  essentially 
a  donation  from  a  local  develop¬ 
er  who  sold  several  acres  to 
MasterCard  for  a  nominal  fee  in 
order  to  spur  new  housing  and 
retail  demand  around  it. 


Beneath  the  quiet  hillside, 
though,  there’s  a  telecom  system 
fit  fora  metropolis. Southwestern 
Bell  has  installed  SONET  rings 
and  multiple  OC-12  links  for 
redundancy.  AT&T,  MasterCard’s 
primary  carrier  and  the  supplier 
of  its  global  VPN  network,  has 
about  20  employees  working  full 
time  for  MasterCard.  Inside  one 
area  of  the  data  center,  a  giant 
screen,  part  of  the  Hewlett- 
Packard  OpenView  network 
management  system,  displays 
MasterCard’s  traffic  volumes 
across  the  VPN. 

The  data  center  also  boasts  two 
IBM  mainframes,  more  than  200 
Cisco  switches  and  routers, 
about  150  servers  (mostly  from 
Sun)  and  13  EMC  systems  that 
pack  200  terabytes  of  storage 
capacity. 


When  it  comes  to  security, 
MasterCard  prefers  to  maintain 
its  own  disaster-recovery  site 
rather  than  outsource  to  third- 
party  providers. 

“With  SunGard  or  IBM,  you 
have  to  put  dedicated  equip¬ 
ment  on  their  floor  as  you’re 
renting  their  floor  space,”  says 
Randall  Till,  vice  president  of 
business  continuity  at  Master- 
Card.  “But  larger  companies  are 
finding  that  as  equipment 
becomes  smaller,  you  can  get  a 
lot  of  equipment  into  a  smaller 
space.” 

MasterCard  has  dozens  of 
offices  and  processing  facilities 
around  the  world  where  it  could 
install  a  disaster-recovery  opera¬ 
tion.  But  places  where  terrorism 
is  seen  as  on  the  rise  —  such  as 
the  Middle  East  —  aren’t  high  on 
the  list  for  consideration. 

At  the  end  of  the  day,  all  impor¬ 


tant  card-processing  files  sent 
over  BankNet,  which  is  tied  into 
bank  mainframes  and  proces¬ 
sors  around  the  world,  come  for 
final  storage  at  the  O’Fallon  facil¬ 
ity.  So  it  makes  the  most  sense 
to  have  the  recovery  site  rela¬ 
tively  nearby. 

Like  most  companies,  Master- 
Cards  disaster-recovery  proce¬ 
dures  —  outlined  in  a  manual 
several  hundred  pages  long  that 
Till  presented  for  a  moment’s 
look  —  involve  a  phased-in  ap¬ 
proach  to  restoration.  Less-im¬ 
portant  applications  might  take 
hours  or  even  days  to  bring  back 
into  use  after  any  significant 
downtime.  What  the  company 
calls  Tier-1  applications  —  those 
involving  the  most  important 
card-processing  data  —  are 
backed  up  continuously  through 
data-mirroring. 

Critical  data-mirroring 

Till  says  he  expects  to  see  the 
expansion  of  the  use  of  data-mir¬ 
roring,  which  the  company  per¬ 
forms  via  Oracle  database  soft¬ 
ware  and  EMC  storage  equip¬ 
ment.  Data-mirroring,  or  real-time 
duplication  of  data,  could  take 
hold  not  just  in  the  new  disaster- 
recovery  center  that’s  envi¬ 
sioned,  but  at  a  possible  third 
back-up  location  under  consid¬ 
eration,  he  says.  But  he  says  the 
process  is  very  involved,  and 
requiring  the  use  of  high-speed 
lines  and  careful  attention  to 
database  size. 

“When  we  moved  to  mirroring, 
[we  had  to  rewrite]  some  of  the 
corporate  applications  we  had 
started  to  use  in  the  replication 
process  to  keep  different  sites  in 
sync, ’’Till  says. 

MasterCard  must  be  in  line 
with  any  new  regulations  the 
Federal  Reserve  creates  for  dis¬ 
aster  recovery  (see  www.nwfu- 
sion.com,  DocFinder:  3350),  so 
the  company  will  target  the  two- 
hour  restoration  time  frame  the 
government  already  has  suggest¬ 
ed  it  wants  for  financial-related 
information. 

“We  want  to  reduce  recovery 
time  from  24  hours  to  two  hours,” 
he  says. 

The  role  of  MasterCard  in  the 
trillion-dollar  card-processing  in¬ 
dustry  is  critical. 

“If  we  have  a  member  bank 
that  goes  down,  we  do  the  stand- 
in  authorization  processing,”  Till 
says.  "And  we  see  that  on  a  regu¬ 
lar  basis"  ■ 

Get  more  information  online. 
DocFinder:  3349 
WWW.nrfiniM.CMi 


MasterCard  is  looking  to  build  a  new  back-up  facility  about  300  miles  from 
its  new  data-processing  center  (shown  here). 


Alcatel 
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Alcatels  OmniStack  6600  is 
designed  to  work  in  a  stack  as  a 
virtual  chassis  backbone  switch. 


in  several  respects  —  namely,  im¬ 
proved  failover  capabilities  and 
delivery  of  up  to  4G  bit/sec  links 
between  each  switch  in  a  stack. 

“Alcatel  is  saying  it  can  offer 
carrier-class  availability  in  a 
bunch  of  stackables,  which  is  an 
interesting  concept,”  says  Stan 
Schatt,  vice  president  with  Giga 
Information  Group. 

While  the  new  OmniStack  6600 
switches  are  not  Alcatel’s  first 
stackables,  they  are  its  most  ad¬ 
vanced.  The  24-  and  48-port  de¬ 
vices,  which  start  at  roughly  $170 
per  port,  are  meant  to  act  as  virtual  chassis  switches  in  high-density 
enterprise  wiring  closets  or  backbones. 

Texas  A&M  University  a  large  Alcatel  network  shop  that  has  been  test¬ 
ing  beta  versions,  plans  to  deploy  6600s  mostly  at  the  LAN  edge.  The 
College  Station  school  expects  to  use  them  in  areas  that  support  real¬ 
time  traffic,  such  as  offices  with  voice-over-IP  (VoIP)  and  IP  video 
applications,  according  to  Willis  Marti,  associate  director  of  the  school’s 
Computer  and  IS  Networking  Group. 

“We  like  stackables  a  lot  more  than  chassis-based  products  in  the 
[wiring]  closet,”  Marti  says.“It’s  easier  to  manage,”  because  switches  in 
the  stack  can  be  added  and  removed  without  changing  any  configu¬ 
ration  files  or  shutting  down  a  larger  chassis.  He  says  it  also  is  a  plus  that 
each  switch  cannot  act  as  a  single  point  of  failure  —  each  has  its  own 
power  supply. 

The  only  downside  to  the  stackables,  he  says,  is  that  with  their  1.5U 
(2.62  inches)  form  they  take  up  more  room  than  Alcatel’s  previous  1U 
(1.75  inches)  OmniStack  6148  switches. 

As  many  as  eight  OmniStack  6600s  can  be  linked  with  dual  Gigabit 
Ethernet  connections  in  a  “cascade”  loop  configuration,  in  which  each 
switch  is  linked  to  an  adjacent  switch.This  provides  a  virtual  backplane 
of  4G  bit/sec  for  each  switch  port  in  the  stack  when  each  connection 
runs  in  full-duplex  mode. 

A  stack  of  OmniStack  6600  switches  can  be  controlled  as  a  single  net¬ 
work  device,  with  one  IP  address.The  stack  can  be  viewed  and  config¬ 
ured  as  one  device  through  SNMP-based  tools  and  Alcatel’s  OmniVista 
switch  management  software,  which  is  used  to  manage  its  OmniSwitch 
7000  and  8000  series  chassis  products.  The  switches  support  Layer  3 
switching  and  other  features  found  in  high-end  wiring  closet  chassis 
products, such  as  Open  Shortest  Path  First,  802. IX  authentication  and 
quality  of  service. 

Each  switch  in  the  OmniStack  6600  stack  can  act  as  the  equivalent  of 
a  supervisor,  or  management  module,  from  the  chassis  switch  world. 
This  lets  any  of  the  switches  take  over  as  the  control  module  for  the  vir¬ 
tual  chassis,  the  company  says. 

The  6600s  will  compete  with  products  such  as  Cisco’s  fixed-configu¬ 
ration  Catalyst  2900  and  3500  boxes,  which  can  be  combined  into  a 
chassis-like  device  through  the  use  of  Cisco’s  GigaStack  technology. 
Nortel  can  do  the  same  with  its  BayStack  boxes, and  Allied  Telesyn  has 
a  similar  technology 

3Com  is  looking  to  re-establish  itself  at  the  high  end  of  the  enterprise 
network  market  with  its  Extendable  Resilient  Network  technology, 
which  links  fixed-configured  boxes  with  high-speed  interconnects  as 
an  alternative  to  chassis  switch  products. 

Giga’s  Schatt  says  Alcatel’s  differentiators  include  its  ability  to  offer  4G 
bit/sec  connections  between  switches  in  a  stack  vs. closer  to  1G  bit/sec 
links  from  others. 

Schatt  says  the  6600’s  failover  scheme  is  an  improvement  over  com¬ 
petitors’  offerings.  Most  vendors’  stacked  switches  become  unmanage¬ 
able  as  a  single  device  if  the  supervisor  switch  fails,  whereas  the 
OmniStack  can  fail  over  to  a  back-up  switch  for  controlling  the  stack. 

Regardless, Alcatel  has  a  challenge  ahead  in  trying  to  win  share  from 
Cisco,  Nortel  and  3Com, which  lead  the  fixed-configuration  switch  mar¬ 
ket.  Alcatel  held  only  1.8%  Of  the  Get  more  information  online 

overall  $15  billion  LAN  switch  mar-  DocFinder:  3343 

ket  last  year.  ■ 
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Mobile  solutions  from  AMD  help  to  extend  your  notebook’s  battery 
without  sacrificing  performance.  Just  because  you’re  out  of  the  office  do 
mean  you’ve  got  less  to  do.  That’s  why  the  mobile  AMD  Athlon™  XP  processor  incl 
exclusive  PowerNow!™  technology.  And  why  our  AMD  Alchemy™  Aml772™  wireless  ch 
is  specially  engineered  to  use  less  CPU  power.  The  result  is  a  more  efficient  laptop 
desktop-like  performance.  It’s  just  one  more  way  AMD  designs  and  builds  mobile 
tions  with  you  in  mind.  We  always  have.  We  always  will.  To  learn  more  visit  www.amd. 


I  need  to  work 

from  anywhere.  Not  just 

the  nearest  outlet. 
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10  Gigabit  bottleneck 


Many  vendors  offering  10  Gigabit  Ethernet  modules  for 
their  high-end  switch  chassis  cannot  deliver  full  10G  bit/sec 
throughput  because  of  limitations  on  the  bandwidth 
between  the  switch  module  slots  and  the  chassis  backplane. 


Switch  chassis 
backplane 
capacity:  64G 
to512G  bit/sec 


10G 

continued  from  page  1 

the  flow  of  high-speed  packet 
streams  to  a  port,  can  cause 
throughput  to  dip  below  7G  bit/ 
sec  on  some  products,  according 
to  Brian  Tolly,  senior  engineer  and 
analyst  with  Tolly  Group,  a  net¬ 
work  testing  and  consulting  firm. 

Price  isn't  right 

“For  the  price  that  10  Gigabit  is 
going  for  says  Sheng  Guo, CTO  for 
the  State  of  New  York  Unified 
Court  System,  “I  would  want  to 
make  sure  support  for  10  Gigabit 
Ethernet  really  means  I’m  going 
to  get  10  gigabits  per  second.” 

Guo’s  network  connects  court 
and  correctional  facilities  through¬ 
out  New  York  over  dark  fiber  and 
a  mix  of  metropolitan-area 
Gigabit  Ethernet  and  SONET. 
Guo  says  that  he’s  found  10G 
Ethernet  to  be  cost-prohibitive. 
And  the  idea  that  the  technol¬ 
ogy  might  not  deliver  as  much 
bandwidth  as  it  promises  makes 
him  inclined  to  put  off  any  tests 
until  vendors  can  support  the 
real  thing. 

The  main  reason  most  boxes 
don’t  really  support  the  higher 
speeds  is  that  switch  platforms 
such  as  the  Cisco's  Catalyst  6500, 
Foundry’s  Biglron  15000,  Ex¬ 
treme’s  BlackDiamond  6800  and 
Nortel’s  Passport  8600  have  all 
been  on  the  market  for  years. 
The  10G  Ethernet  standard  was 
only  ratified  by  the  IEEE  this 
summer. 

The  limitations  of  these  chassis 
for  handling  10G  Ethernet  are 
widely  known,  vendors  claim. 

“We  have  8G  bit/sec  to  each  slot 
on  our  chassis,”  says  John 
Erlandson,  director  of  product 
marketing  for  Extreme.  “That’s 
well-documented,and  we’ve  never 
tried  to  disguise  that  in  any  way? 

In  addition  to  providing  full- 
duplex  8G  bit/sec,  Erlandson 
adds,  Extreme’s  products  also  can 


handle  features  such  as  quality  of 
service  and  multilayer  routing 
without  affecting  throughput. 

“The  performance  our  cus¬ 
tomers  are  getting  now,  at  8  giga¬ 
bits  per  second  on  one  pipe,  is 
eight  times  as  fast  as  Gigabit 
Ethernet,  and  almost  as  fast  as 
SONET  OC-192,”  which  is  about 
9.9G  bit/sec.  However,  he  adds,  the 
cost  for  10G  Ethernet  is  about  a 
quarter  the  price  of  its  virtual 
SONET  equivalent. 

So  8G  bit/sec  instead  of  10G 
bit/sec  —  what’s  the  difference?  A 
lot  when  you  consider  10G  Ether¬ 
net  pricing. 

Dell’Oro  Group  says  that  cus¬ 
tomers  can  expect  to  pay  an  aver¬ 
age  of  $25,000  per  10G  Ethernet 
port  this  year.  Long-reach  10G 
Ethernet  ports  from  vendors  such 
as  Foundry  Cisco  and  Extreme 
can  cost  in  the  range  of  $75,000 
to  $80,000  for  a  single  port  on  a 
module  that  takes  up  an  entire 
slot  in  a  chassis. 

While  Dell’Oro  expects  the  per- 
port  cost  to  drop  to  around 
$7,000  in  2005  (still  five  times 
what  Gigabit  cost  in  1999),  it  is 
expected  that  the  technology 
will  appeal  to  only  the  largest 
shops.  1DC  expects  that  only 
45,000  10G  Ethernet  ports  will 


ship  this  year,  as  opposed  to  8 
million  Gigabit  ports  worldwide. 

Meanwhile,  eight  1G  ports 
would  cost  about  $10,000  to 
$16,000. 

Ten  Gigabit  might  be  on  the  dis¬ 
tant  horizon  for  many  corpora¬ 
tions,  but  users  looking  to  make  a 
chassis-switch  purchase  now 
could  be  caught  in  the  middle  of 
a  major  upgrade  cycle  by  their 
respective  vendors. 

Coming  soon? 

In  conference  calls  with  in¬ 
vestors  last  month,  Foundry  CEO 
Bobby  Johnson  alluded  to  his 
company’s  next-generation  core 
switch,  code-named  Mucho 
Grande,  which  sources  say  will 
support  more  than  10G  bit/sec  of 
bandwidth  per  slot  and  is  ex¬ 
pected  to  debut  next  year. 

Other  vendors  have  hinted  that 
chassis  upgrades  are  around  the 
corner  as  well. 

“Will  we  be  changing  Black- 
Diamond  to  accommodate  an 
extra  two  Gigabits  of  Ethernet 
bandwidth  per  slot?  That’s  very 
unlikely  says  Extreme’s  Erland¬ 
son,  who  hinted  that  a  successor 
to  BlackDiamond  also  could  be 
expected  next  year. 

Alcatel’s  OmniSwitch  8800, 
which  was  announced  in  Feb¬ 
ruary  and  is  scheduled  to  ship 
this  month,  supports  approxi¬ 
mately  13.2G  bit/sec  per  slot, 
according  to  the  company.  Mod¬ 
ules  with  single-port  10G  Ethernet 
ports  will  be  released  from 
Alcatel  in  the  second  quarter. 

Users  and  analysts  say  a  wait- 
and-see  approach  might  be  wise 
if  10G  Ethernet  is  in  their  game 
plans. 

“If  10  Gigabit  is  in  the  long,  long- 
range  plan,  [users]  should  work 
with  their  vendors  and  get  some 
[nondisclosure  agreement]  in¬ 
formation  and”  work  out  a 
timetable  for  when  the  vendor 


will  release  a  true  10G  Ethernet 
switch,  says  Lawrence  Orans, 
senior  analyst  with  Gartner.  “If 
[users]  need  10  Gigabit  now,  they 
should  only  make  tactical  invest¬ 
ments  on  older  switching  plat¬ 
forms”  that  are  available  today 

For  now,  many  analysts  say  mar¬ 
ket  newcomer  Force  10  Networks 
is  one  of  the  few  options  for  high- 
density  10G  Ethernet  switching. 

“If  you  want  to  buy  a  high-end 
switch  with  10  Gigabit  Ethernet, 
Force  10  is  really  the  only  op¬ 
tion,”  says  Zeus  Kerravala  of  The 
Yankee  Group. 

ForcelO,  which  debuted  its 
E1200  switch  in  September,  says 
it  can  provide  up  to  40G  bit/sec 
of  bandwidth  between  switch 
modules  in  its  chassis. The  com¬ 
pany  is  shipping  dual-port  10G 
Ethernet  cards,  which  cost  about 
$110,000. 

“But  on  the  other  side  of  it,” 
Kerravala  adds,  ForcelO  “is  a 
start-up  that’s  debuting  in  a  mar¬ 
ket  that’s  very  young  —  and  very 
expensive  —  while  in  the  middle 
of  a  down  economy  The  ques¬ 
tion  is,  are  they  going  to  hang  in 
there  long  enough  for  the  market 
to  come  around.” 

For  users  working  on  the  most 
cutting-edge  network  technolo¬ 
gies,  the  performance  boost  of 
ForcelO  is  worth  any  risks. 

Two  ForcelO  El 200s  were  re¬ 
cently  installed  at  the  San  Diego 
Supercomputing  Center  (SDSC) 
to  support  a  cluster  of  512  Gigabit 
Ethernet  servers.  The  servers  are 
part  of  the  Teragrid  project,  an 
effort  by  the  SDCS,  along  with  the 
National  Center  for  Super¬ 
computing,  to  build  the  world’s 
largest  distributed  supercomput¬ 
er,  according  to  Kevin  Walsh, 
senior  network  engineer  at  the 
SDSC. 

“There  is  no  other  manufac¬ 
turer  at  the  moment  that  has 
combined  this  kind  of  perfor¬ 
mance  and  capacity,”  says 
Walsh,  adding  that  he  has  tested 
10G  Ethernet  switches  from 
other  vendors.  He  did  not  name 
specific  companies.  ■ 


More  online! 


Learn  more  about  upgrading  to  10G  at 
Network  World's  State  of  LAN  MAN  tour 
coming  to  an  area  near  you. 
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obile  office 


Today’s  business  execs  are  working  at  home,  on  the 
road,  in  the  office  and  everywhere  in  between. 
Net.Worker  keeps  you  abreast  of  the  tools  and  techniques 
you  need  to  support  your  mobile  warriors. 

Log  on  to  www.nwfusion.com/net.worker/ 
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I  he  Compaq  laDiet  pc  lets  you  jot  down 
your  ideas  right  on  the  screen.  So,  unlike 
a  laptop,  you  don’t  need  to  open  it  to  use 
it.  Which  comes  in  handy  when  your 
work  space  is  hardly  any  space.  On  an 
airplane,  for  examplei 


. 


For  those  occasions  where  the  pen  isn't 
mightier  than  the  keyboard,  just  connect 
the  included  one  and  you’re  off  and  typing. 
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COMPAQ. 


Shown  monitor,  keyboard 
and  mouse  sold  separately. 


HP  recommends  Microsoft 
Windows®  XP  Professions 
for  Mobile  Computing. 
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Even  if  you're  a  Plutonium  1,000,000  K  Club  business  traveler,  you’ll  have  to  come 
back  to  the  office  eventually.  When  you  do,  just  set  your  Compaq  Tablet  PC  in  its 
optional  dock  and  you’re  good  to  go.  Or  stay,  as  the  situation  requires. 
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The  Compaq  Tablet  PC. 

Work  the  way  that  works  for  you. 

With  a  1  GHz  processor,  256 -768MB  of  RAM 
and  up  to  a  60GB  hard  drive,  the  Compaq 
Tablet  PC  does  what  you  need  a  laptop 
to  do.  But  when  it  comes  to  versatility,  it 
does  a  lot  more.  For  a  computer  that  adapts 
to  the  way  you  work  instead  of  the  other 
way  around,  call  1-800-888-8129  or  visit 
www.compaq.corn/tabletpc/ad. 

When  it  really  matters,  choose  Compaq. 
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Takes 


■  Raritan,  a  vendor  of  keyboard  - 
video-mouse  switches,  recently 
announced  a  product  that  lets  small 
and  midsize  data  centers  manage 
servers  and  other  network  devices 
distributed  across  networks  over  IP. 
Called  the  IP-Reach  M  Series,  the 
products  have  one-  and  two- port  con¬ 
figurations  that  attach  it  to  an 
Ethernet  network. 

From  IP-Reach  M  units,  administra¬ 
tors  can  access  network  devices  to 
manage  them.  The  products  are 
aimed  at  replacing  remote-access 
software,  which  requires  an  agent  on 
each  device.  A  Web-based  manage¬ 
ment  utility  allows  remote  access. 

The  IP-Reach  M  products  are  $2,800 
and  $3,800  for  one  and  two  ports, 
respectively,  and  are  available  now. 
www.raritan.com 

■  Linmor  Technologies  recently  an 
nounced  the  Nebula  PM  appliance 
for  network  performance  manage¬ 
ment.  The  rack-mountable  appliance 
is  based  on  Linux  and  tracks  perfor¬ 
mance  of  Layer  1  through  Layer  3 
switches,  routers  and  other  network 
devices.  The  box  performs  monitor¬ 
ing,  reporting  and  graphing  of  perfor¬ 
mance  data  on  network  devices. 
Nebula  PM  then  collects  the  perfor¬ 
mance  data  from  those  devices. 
Pricing  for  the  Nebula  PM  appliance 
starts  at  $9,500,  and  customers  can 
receive  a  25%  discount  through 
March  31,  2003.  www.linmor.com 

■  Storage  vendor  Northern  Park- 
life  has  rolled  out  a  free  software  util¬ 
ity  that  can  help  customers  determine 
the  cost  of  managing  their  companies’ 
storage.  Called  Cost  Wizard,  the 
tool  works  with  any  company’s  quota 
management  package  and  can  esti¬ 
mate  how  much  an  organization  will 
save  by  implementing  a  storage  re¬ 
source  management  package.Cost 
Wizard  generates  a  report  that  details 
disk  capacity,  free  disk  space,  number 
of  files  over  a  certain  size  and  how 
much  space  can  be  reclaimed  using  ^ 
quota  management  software.  Users 
can  download  the  software  from 
www.northern.net 


| 

12/2/02 

NetworkWorld 

□ 


■  TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 
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Site:  Lessons  from  Leading  Users 

IP  VPN  extends  manufacturer’s  reach 


■  BY  ANN  BEDNARZ 

In  an  effort  to  save  money  and  tie 
together  its  widely  scattered  groups, 
Russ  Berrie  and  Co.  is  turning  to 
high-speed  IP  VPNs  to  augment  its  exist¬ 
ing  frame  relay  network  connections. 

In  the  past,  the  Oakland,  N. I,  manufac¬ 
turer  of  gift  items  has  relied  on  frame 
relay  to  connect  its  primary  overseas 
sales  offices  to  corporate  headquarters. 
But  frame  relay  is  expensive  —  too 
expensive  to  let  Russ  Berrie  connect  all 
its  remote  offices,  says  Renee  Steinfeld, 
network  administrator  at  the  company 
Frame  relay’s  high  price  tag  meant 
many  satellite  offices  were  without  a  di¬ 


rect  link  to  headquarters.  Russ  Berrie’s 
product-development  personnel  and 
manufacturing  subsidiaries  are  scat¬ 
tered  throughout  the  U.S.and  abroad. 

Enter  IP  VPNs,  which  let  the  company 
deliver  more  bandwidth  to  its  remote 
offices  for  less  money  than  frame  relay 
would,  Steinfeld  says. To  outfit  its  Seoul, 
South  Korea,  office,  Russ  Berrie  priced  a 
128K  bit/sec  frame  relay  circuit  at 
$3,000  per  month,  compared  with  $100 
a  month  for  a  768K  bit/sec  VPN  setup. 

In  this  case,  going  with  IP  VPN  was  an 
easy  decision  for  Russ  Berrie. The  Seoul 
office  had  no  link  to  corporate  head¬ 
quarters,  so  users  there  are  happy  to 
have  any  connection,  she  says. 


But  the  decision  to  deploy  IP  VPNs  is 
not  as  clear-cut  in  remote  offices  that 
are  accustomed  to  frame  relay  services, 
Steinfeld  says.  IP  VPNs  are  new  and  have 
a  reputation  for  not  being  as  reliable  or 
stable  as  frame  relay  circuits. The  possi¬ 
bility  of  worse  performance  has  Russ 
Berrie  in  no  rush  to  completely  swap 
existing  frame  relay  circuits  for  IP  VPN. 
At  least  not  yet,  she  says. 

Meanwhile,  for  its  new  connections, 
Russ  Berrie  is  working  with  Cisco  IP  VPN 
equipment. 

This  spring,  Russ  Berrie  activated  its 
first  two  VPN  links  at  the  company’s 
home  goods  division,  called  Russ 
Home,  in  Mount  Juliet,  Tenn.,  and  the 

See  IP  VPN,  page  22 


Switch  lightens  database  server  load 

■  BY  DENI  CONNOR 


Pools  of  data 
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DbSwitch  pools  database  environments  so  utilitzation 
is  increased  and  the  number  of  database  servers 
deployed  can  be  reduced. 
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A  PeopleSoft 
application  residing  on 
a  server  makes  a 
request  of  the  back¬ 
end  database  servers. 


DbSwitch  intercepts  the  request, 
processes  it  and,  based  on  its 
monitoring  of  database  operations, 
passes  it  to  a  database  server  in  the 
pool  that  can  handle  it  best. 


LEXINGTON,  MASS.  —  Start¬ 
up  Savantis  Systems  is  intro¬ 
ducing  a  switch  that  lets  users 
pool  databases  to  better  uti¬ 
lize  capacity  and  potentially 
reduce  the  number  of  data¬ 
base  servers  they  maintain. 

The  company  says  individ¬ 
ual  database  servers  typically 
are  only  7%  to  15%  utilized.  By 
combining  the  activities  of 
each  database  server  into  a 
pool, Savantis  can  redistribute 
that  utilization  so  database 
servers  are  used  more  equally 

Savantis  expects  its  db- 
Switch  to  be  available  in 
March  2003.  DbSwitch  con¬ 
nects  application  servers  to 
database  servers,  which,  in 
turn,  attach  to  shared  storage 
located  on  a  Fibre  Channel  storage-area 
network.  The  switch’s  software  combines 
the  database  environment  into  one  virtual 
pool  of  information  —  a  database-area  net¬ 
work,  the  company  calls  it  —  that  can  be 
managed  from  a  single  point  and  be  uti¬ 
lized  more  efficiently  Using  algorithms,  the 
dbSwitch  software  moves  applications 


from  database  server  to  server  based  on 
the  load  and  quality  of  service  needed. 

For  instance,  a  PeopleSoft  application 
residing  on  a  server  makes  a  request  of  the 
database  servers.  Because  dbSwitch 
knows  the  resource  utilization  patterns 
and  health  of  all  the  servers  in  the  data- 
area  network  based  on  historical  monitor¬ 


ing,  it  already  has  utilized  its 
resource  optimization  algo¬ 
rithm  to  determine  which 
physical  database  server 
will  process  the  request. 

“The  whole  concept  of 
consolidation  has  always 
been  around  creating  a 
pool  of  resources  and  using 
economies  of  scale  to  re¬ 
duce  the  number  of  re¬ 
sources  you  need  to  service 
your  organization,”  says  Gil 
Hecht,  president  and 
founder  of  Savantis. 

DbSwitch  uses  an  embed¬ 
ded  Linux  operating  system 
and  is  built  on  Intel  proces¬ 
sor  hardware.  Web-based 
management  software  lets 
IT  managers  monitor  sys¬ 
tems  remotely. 

Hecht,  formerly  vice  presi¬ 
dent  of  business  development  for  Aladdin 
Systems,  founded  Savantis  in  October 
2000. The  company,  which  has  25  employ¬ 
ees,  is  funded  by  Star  Ventures  and 
Highland  Capital  Partners  for  $5  million. 

DbSwitch  will  sell  for  approximately 
$150,000. 

Savantis:  www.savantis.com 
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Los  Alamos  builds  big  InfiniBand  cluster 


■  BY  ASHLEE  VANCE 

LOS  ALMOS,  N.M. —  Los  Alamos  National 
Laboratory  has  turned  to  server  maker 
Promicro  Systems  to  build  what  it  says  is 
the  largest  cluster  that  uses  the  fledgling 
InfiniBand  interconnect. 

Los  Alamos  recently  said  it  was  building 
a  128-processor  cluster  that  includes  Prom¬ 
icro  servers  running  on  Intel’s  Xeon  chips 
and  Linux.  The  government  lab  picked 
InfiniBand  for  the  high-speed  interconnect 


between  servers,  as  it  looks  to  test  the  tech¬ 
nology  for  possible  use  in  larger  systems. 
InfiniBand  provides  a  high-bandwidth, low- 
latency  interconnect  between  systems. 

The  use  of  InfiniBand  marks  an  effort  by 
Los  Alamos  to  shy  away  from  proprietary 
interconnects  from  Myricom  and  Qua¬ 
drics, says  Steve  Tenbrink,  a  group  leader  of 
network  engineering  group  at  Los  Alamos. 

“We  are  trying  to  push  open  standards 
for  interconnects  where  we  can,” 
Tenbrink  says. 


This  new  system,  equipped  with  faster 
Xeon  chips,  joins  a  growing  family  of 
Beowulf  Linux  clusters  at  the  laboratory 
Los  Alamos  used  low-power  Transmeta 
processors  in  an  RLX  Technologies-based 
server  blade  cluster  to  test  ways  to  lower 
cooling  costs  and  raise  the  stability  associ¬ 
ated  with  large  computers. 

While  Los  Alamos  has  yet  to  get  the  Xeon- 
based  cluster  up  and  running,  it  plans  to 
use  the  system  to  run  some  of  its  nuclear 
simulation  software.  But  it  will  depend  on 


how  well  InfiniBand  works  with  a  large 
number  of  computers, Tenebrink  says. 

“The  problem  is  that  as  you  scale  higher 
and  higher,  interconnect  performance 
tends  to  get  worse  and  worse.  You  really 
have  to  be  careful  how  you  address  that 
problem, ’’Tenbrink  says. 

Los  Alamos  expects  to  have  the  new  sys¬ 
tem  up  and  running  in  a  few  months. 

Vance  is  a  correspondent  with  the  IDG 
News  Sewice's  San  Francisco  bureau. 


Vendor  crafts  handheld 
access  to  corporate  apps 


■  BY  JOHN  COX 

LAS  VEGAS  —  At  the  recent 
Comdex  show,  National  Semi¬ 
conductor  showed  a  working 
prototype  of  a  handheld  com¬ 
puter  that  can  access  standard 
enterprise  applications  over  more 
wireless  infrastructures. 

Roughly  half  the  size  of  an  8.5- 
by-1 1-inch  paper  sheet,  the  Geode 
Extended 
Office  (GXO) 
device  was  de¬ 
signed  to  in- 
corporate 
Bluetooth  and  802.11b  wireless 
adapters.  GXO  can  use  a  Blue¬ 
tooth-equipped  cell  phone  as  a 
modem  over  cellular  connec¬ 
tions,  while  802.1  lb  can  use  wire¬ 
less  LANs  at  corporate  offices  or 
public  access  hotspots. 

Using  the  client  portion  of  Citrix 
Systems’  ICA  protocol,  the  device 
displays  the  user’s  complete  ser¬ 
ver-based  Microsoft  Outlook  e- 
mail  interface. The  Citrix  code  lets 
a  device  display  the  output  of 
Windows  or  Unix  applications 
running  on  servers. 

At  Comdex,  the  vendors  simulat¬ 
ed  an  electronic  interaction  be¬ 
tween  two  doctors,  who  used  soft¬ 
ware  from  Collabrix  to  review  an 
emergency  room  patient’s  history 
and  watch  a  video  that  showed  a 
scan  of  the  patient’s  heart.  Via  the 
Citrix  client  software  and  the 
Citrix  MetaFrame  server,  the  doc¬ 
tors  could  access  several  server 
applications. 

The  handheld,  officially  a  “con¬ 
cept  device"  instead  of  a  product, 
is  6  by  7.2  inches  by  1  inch  thick. 
With  batteries, the  GXO  is  far  from 
being  a  light-weight:  It  weighs  1 
pound  9  ounces.  But  National 
Semiconductor  and  its  partners, 
including  CoCom  International, 


which  did  the  hardware  engineer¬ 
ing,  and  Studio  Red,  which  creat¬ 
ed  the  aluminum  exterior  design, 
packed  a  lot  into  it: 

•  National’s  Geode  SC2200  pro¬ 
cessor,  designed  for  handhelds. 

•  Full  Windows  XP  Professional 
operating  system. 

•  A  lOG-byte  Toshiba  disk  drive. 

•  Integrated  high-end  video 
graphics. 

•  16-bit  full 
stereo  sound. 

•  6.3-inch, 
l,024-by-768- 
pixel  super¬ 
fine  TFT  LDC  display,  with  touch¬ 
screen  (four  times  the  size  and 
five  times  the  resolution  of  high- 
end  PDAs). 

•  A  built-in  VGA  video  camera. 

The  goal  of  the  project  was  to 

create  an  appliance-like  hand¬ 
held  computer  that  could  work 
smoothly  over  available  wireless 
connections,  with  existing  office 
and  enterprise  applications,  says 
Jeff  Water,  director  of  National 
Semiconductor’s  Consumer  Ac¬ 
cess  Business  Unit. 

As  with  all  such  devices,  there 
are  trade-offs.  The  GXO’s  display, 
while  crisp  and  brilliant,  renders 
a  full  Outlook  screen  in  very 
small  text.  An  executive  had  to 
adjust  the  font  size  to  make  it 
readable.  Its  size  and, especially,  its 
weight  mean  that  most  users 
wouldn’t  carry  it  around  in  their 
pockets  for  calendar  and  other 
personal  information  manage¬ 
ment  tasks. 

National  Semiconductor  is  talk¬ 
ing  with  device  manufacturers 
that  might  license  the  GXO  pack¬ 
age  of  chips,  system  software,  dri¬ 
vers  and  the  like  to  create  hand¬ 
held  products  in  the  future. 

National  Semiconductor:  www. 
national.com 
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IP  VPN 

continued  from  page  21 


Seoul  office. Showrooms  in  Chicago  and  through¬ 
out  the  U.S.  eventually  will  be  linked  via  VPN,  too, 
Steinfeld  says.  Plus,  two  sites  in  China  will  be 
ready  to  be  activated  as 
soon  as  local  ISPs  in  China 
get  their  lines  stabilized, 
she  says. 

“I’ve  already  configured 
the  routers,”  Steinfeld  says. 

“To  be  honest,  it  only  takes 
me  about  an  hour  to  con¬ 
figure  a  VPN  router  and 
send  it  out,  as  long  as  I  have 
the  ISP’s  information.  It’s 
very  simple.” 

Most  traffic  running  over 
the  network  is  generated 
via  enterprise  resource 
planning  (ERP)  and  e-mail 
applications,  she  says. 

The  new  VPN  links  let 
remote  design  and  sales 
offices  swap  product  de¬ 
sign  information  and  send 
electronic  transactions  to 
headquarters  using  new 
ERP  software  from  J.D.  Ed¬ 
wards  that  Russ  Berrie  is 
deploying. 

Before  the  VPN  rollout, 
users  in  South  Korea,  for 
example,  had  to  submit 
order  information  man¬ 
ually,  relying  on  phone 
calls,  faxes  and  multistep 
processes  that  required 
sending  orders  through 
many  offices  until  they 
reached  Hong  Kong,  which 
is  connected  to  corporate 
headquarters  via  frame 
relay 

Today,  users  in  South 
Korea  can  link  directly  to  the  ERP  system,  which 
consolidates  multiple  human  resources,  financial 
and  accounting  applications  on  one  platform.The 
combination  of  VPN  connectivity  and  a  single 


application  platform  means  more  users  can  get 
information  more  easily  and  consistently  than 
before,  Steinfeld  says. 

In  addition  to  the  remote  sites  outfitted  with  VPN 
routers,  Russ  Berrie  is  giving  certain  users  VPN 
client  software  for  remote  access.  So  far,  client  ac¬ 
cess  is  limited  to  the  IT  department  and  consul¬ 
tants  working  on  J.D.  Edwards’  implementation. 
Russ  Berrie  also  is  experimenting  with  using  a 
VPN  as  a  backup  for  its 
frame  relay-connected 
sites  in  the  U.K.  and  Hong 
Kong.  “They’ll  have  VPN, 
but  it  won’t  be  their  pri¬ 
mary  link,”  Steinfeld  says. 
“We’re  not  ready  to 
change  their  entire  infra¬ 
structure  just  yet.” 

Managing  the  VPN  gear 
remotely  so  far  hasn’t 
been  a  problem.  Steinfeld 
uses  dedicated  modem 
lines  to  dial  into  a  router 
to  troubleshoot  problems. 
“We  don’t  have  a  lot  of 
technical  people  who  are 
Cisco-sawy  in  our  other 
locations,  so  if  there’s  a 
software  upgrade  or  a 
new  application  that  we 
want  to  add  to  the  router, 
it's  easy  for  me  to  do  from 
here,”  she  says. 

When  Steinfeld  had  to 
install  Cisco  firewall  soft¬ 
ware  on  the  VPN  router  in 
South  Korea,  she  simply 
dialed  in  and  configured 
the  settings  remotely,  with¬ 
out  kicking  anybody  off 
the  net. 

So  far,  the  IP  VPN  con¬ 
nections  are  performing 
well.  “It’s  hiccuped  every 
once  in  a  while  —  it  went 
down  once  in  a  big 
storm, "she  says.“But  frame 
relay  would  have  gone 
down  in  the  storm,  too.” 

If  there’s  a  downside,  it’s  having  to  deal  with 
multiple  overseas  ISPs,  Steinfeld  says.  “Working 
with  ISPs  in  Asia  has  been  the  biggest  hurdle  that 
I’m  still  trying  to  jump  over( she  says.  ■ 


New  communications 

Russ  Berrie’s  new  VPN  enables 
electronic  transactions 
between  headquarters  and 
remote  design  and  sales  offices. 


Corporate  headquarters 


.  1  '  . 

aa  aa 


Mount  Juliet,  Tenn.  Seoul,  South  Korea 


O  Russ  Berrie’s  VPN  supports  512K  bit/sec  or 
768K  bit/sec  Internet  connection. 

0  The  home  goods  division  in  Mount  Juliet  can 
swap  product  design  information  electronically 
with  headquarters  via  VPN. 

©  Users  in  the  Seoul  sales  office  can  send 
electronic  transactions  via  VPN  to  Russ 
Berrie’s  corporate  ERP  system. 
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Spam,  spam,  spam,  lovely  spam 


Spam. As  a  food  we  celebrate  its  vir¬ 
tues  in  two  well-publicized  festi¬ 
vals,  one  in  Austin, Texas  (www.nwfu- 
sion.com,  DocFinder:  3325),  and  another 
in  Austin,  Minn.,  home  of  the  Spam 
Museum  (DocFinder:  3326).  Most  every¬ 


one  thinks  Spam,  the  food, is  a  fun  subject. 

Spam.  As  a  verb,  it  is  undoubtedly  the 
most  reviled  subject  in  cyberspace. 
Seemingly  mature,  rational  individuals 
seem  to  foam  at  the  mouth  when  the  sub¬ 
ject  is  raised.  And  this  occurs  even  if  we 


In  today's 

Network-dependent  business  environment 


i  for  branch  off  ices  and 
all  to  medium-sized 


companies 
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aren’t  talking  about  vile,  perverted  sexual 
practices. 

Even  receiving  yet-another  copy  of  the 
infamous  Nigerian  Spam  Scam  (Doc- 
Finder:  3327)  is  enough  to  set  them  off. 

I  use  a  combination  of  mail  filters  and 
the  delete  key  to  rid  myself  of  the  stuff  be¬ 
cause  I  have  many  fairly  widely  seen  ad¬ 
dresses,  leading  to  a  volume  of  about  500 
pieces  of  spam  per  day.  There  are  days 
when  more  than  90%  of  the  mail  I  receive 
can  be  classed  as  spam. 

Yes,  it’s  irritating,  but  when  my  most  lib¬ 
eral  friends  start  screaming  for  the  death 
penalty  for  spammers  I  begin  to  think  the 
problem  has  gotten  out  of  hand. 

Not  the  spam  problem  —  that’s  been  out 
of  hand  for  years.  No,  I  mean  the  antispam 
problem  that  threatens  to  totally  disrupt 
communications  through  the  use  of 
blacklists  (see  an  earlier  column  “Spam 
rebel  with  a  cause,”  DocFinder:  3328) 
while  diverting  attention  from  the  really 
insidious  security  threats  within  the  Inter¬ 
net.  Code  Red  and  Nimda  did  far  more 
damage  to  computer  systems  than  all  the 
spam  put  together  —  but  the  people  most 
often  criticized  were  not  the  creators  but 
those  who  didn’t  prevent  the  attacks  from 
occurring. 

Weeding  out  the  spam  in  your  e-mail  is 
no  different  than  weeding  out  the  un¬ 
wanted  marketing  materials  in  your  snail 
mail.  It’s  little  different  from  “weeding  out” 
the  weeds  in  your  garden. 

If  you  aren’t  vigilant,  the  weeds  will  over¬ 
whelm  the  flowers.  Many  of  us  have  nei¬ 
ther  the  time  nor  the  training  to  do  con¬ 
stant  weeding  in  the  garden,  so  we  hire 
people  to  do  the  weeding  for  us. 

But  if  you  do  that  and  the  person  you 
hire  pulls  up  flowers  along  with  the 
weeds,  do  you  simply  say  that  its  “accept¬ 
able  collateral  damage,” or  do  you  fire  that 
gardener  and  get  one  who  can  tell  the  dif¬ 
ference  between  a  weed  and  a  daffodil? 

You  should  use  the  same  care  when 
choosing  antispam  utilities  and  services. 


In  today's  Internet-driven  business  world, 
network  downtime  is  NOT  an  option  for 
any  company.  When  a  company's  WAN 
fails,  business  literally  comes  to  a  grinding 
halt.  The  consequences  are  dire 
particularly  for  small  and  medium  sized 
companies,  even  lor  branch  offices  of  large 
enterprises.  With  affordable  high  speed 
broadband  access  availability  everywhere, 
WAN  redundancy  is  no  longer  a  luxury 
only  larger  companies  could  afford. 


Introducing  the  /SurfJanus™  Family  of  Multi-Homed  WAN 
Gateways  from  Amplify.net! 

Enables  you  to  combine  up  to  3  WAN  lines  (T1 ,  Frame  Relay,  DSL,  cable 
and  wireless)  via  high  speed  Ethernet  ports  connected  to  the  same  or 
different  ISPs  to  give  your  network  automatic  WAN  backup,  fail-over  and 
recovery,  secured  with  firewall  and  VPN.  With  its  built-in  dynamic  WAN 
load  balancing,  you  also  get  the  extra  benefit  of  expanded  bandwidth. 

With  Amplify.net's  /SurfJanus,  WAN  redundancy  is  literally  a 
"No  Brainer"  decision  for  you! 

•  "No  Brainer"  Price 

•  "No  Brainer"  Installation 

•  "No  Brainer"  Interoperability 

•  "No  Brainer"  ROI 

Soy  goodbye  to  slow  and  expensive  ISDN  or  analog  backup 
today  and  give  your  WAN  the  redundancy  it  deserves! 


a  m  p!  i  fy .  net 


Can  you  afford  not  to  call  Amplify.net  now? 

Call  510  •  360  •  6071 ,  e-mail  info@amplifynet.com 
or  visit  www.amplifynet.com/isurfjanus 


Kearns ,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 


Tip  of  the  Week 

The  best  way  to  stop 

1  spammers  is  to  hit  them 

where  it  hurts  —  in  the  poc¬ 
ket  book.  Novell  did  that  to 
one  who  had  abused  its 
free  public  e-mail  hosting 
service,  MyRealBox  (www. 

myrealbox.com)  by  taking  it 

to  court  (see  DocFinder: 

3329)  and  winning.  It's  a 
small  victory,  but  one  we  all 

should  applaud. 

How  YOU  DOING  ON  THOSE  QUARTERLY  GOALS? 


When  you  rule  information  instead  of  the  other  way  around,  things  look  up. 
Every  day,  EMC  Automated  Networked  Storage  lets  IT  departments  cut  60 
percent  out  of  per-megabyte  costs,  consolidate  storage  management,  and  triple 
disk  utilization  —  all  at  a  surprisingly  affordable  price.  Which  might  explain 
why  no  one  delivers  more  networked  storage  than  EMC. 


Learn  how  other  companies  did  more  for  less  in  the  EMC  Answers  White  Paper  series  at  EMC.com/ANS 
MAXIMIZE  your  automated  networked  storage  knowledge  by  registering  for  monthly  updates  at  EMC.com/insite 
CALL  the  experts  and  discuss  how  you  really  can  get  more  for  less  with  EMC  at  1-866-464-7381. 


where  information  lives 


EMC2  and  EMC  are  registered  trademarks  and  where  information  lives  is  a  trademark  of  EMC  Corporation.  ©2002  EMC  Corporation.  All  rights  reserved. 


WARNING!  Web  pages,  executables  and 
other  attachments  may  contain  viruses 
that  can  be  harmful  to  your  computer. 

What  would  you  like  to  do  with  this  file? 


Open 

Save  to  disk 


Relax  completely  because  you  are 
protected  by  eTrust™  Antivirus,  which 
keeps  your  computer  and  network 
safe  from  even  the  most  malicious 
virus  threats. 


Protect  your  business  with  eTrust". 
For  more  information,  visit 

ca.com/etrust/antivirus 


eTrust™  Security  Solutions 


Computer  Associates™ 


©  2002  Computer  Associates  International.  Inc.  (CA)  All  rights  reserved. 


Antispam  help  is  on  the  way 

Recent  antispam  announcements 

Messaging  vendors  beef  up  their  filtering  capabilities. 


Company 

Product 

New  features 

Ships 

Cost 

Brightmail 

Anti-Spam  4.0 
Enterprise 

Edition 

Identifies  variations  of  the  same  spam 
message;  uses  HTTPS  instead  of  SMTP  to 
send  out  spam  rules  every  15  minutes; 
supports  Windows  2000. 

October 

$4  to  $15  per 
user,  per  year, 
depending  on 
number  of  users. 

Clearswift 

SpamActive 
filter  added  to 
Mailsweeper  for 
SMTP 

Scans  content  for  messages  previously 
identified  as  spam  or  showing  similar 
construction;  users  get  regular  updates  to 
an  antispam  database. 

August 

Free  to  Clearswift 
support  and 
maintenance 

customers. 

Lotus 

Domino  6 

Supports  external  black  lists;  features  an 
improved  mail  rules  section  that  lets 
administrators  quarantine  or  delete  messages 
with  spam  characteristics. 

October 

New  antispam 
features  come 
bundled  with 
Domino  6. 

Mirapoint 

Mirapoint 

Messaging 

Operating 

System  3.3 

Software  upgrade  to  Mirapoint  appliance 
analyzes  incoming  mail  for  spam 
characteristics;  updated  weekly  with  new 
antispam  rules;  supports  external  black  lists 
and  user-created  white  lists. 

November 

Antispam 
features  cost 
about  $1.25  per 

user. 

Sendmail 

Mainstream 
Manager  2.0 

Does  message  content  analysis,  statistical 
and  linguistic  antispam  analysis,  and  relay 
blocking. 

November 

Antispam  feat¬ 
ures  cost  about 
$5  per  user. 

Tumbleweed 

Messaging 
Management 
System  5.5 

Scans  HTML  code  embedded  in  messages,  ships 
with  an  antispam  lexicon  and  policies;  supports 
black  lists  and  user-created  white  lists. 

October 

N/A 

Collaboration  software 
gets  CAD  support 


Takes 

■  Macromedia  announced  last 
week  a  new  version  of  its  Direc¬ 
tor  MX  multimedia  authoring  soft¬ 
ware,  which  makes  it  easier  for 
customers  to  create  kiosk  and 
training  applications  that  are  ac¬ 
cessible  to  end  users  with  disabili¬ 
ties.  The  upgraded  software,  which 
is  scheduled  to  ship  this  month, 
meets  the  U.S.  federal  govern¬ 
ment's  Section  508  requirements 
for  Web  application  accessibility. 
The  new  version  of  Director  MX 
can  be  used  to  create  kiosks  in 
museums,  airports  or  government 
offices  that  have  speech  capabili¬ 
ties  similar  to  screen  readers  for 
visually  and  physically  impaired 
users.  One  possible  application  of 
the  software  is  creating  emer¬ 
gency  response  kiosks  that  can 
help  citizens  find  shelter  and  family 
members  in  the  case  of  a  catastro¬ 
phe  such  as  an  earthquake  or  ter¬ 
rorist  attack.  The  software  also 
can  be  used  to  create  CD  and 
DVDs,  online  courseware  and  Web- 
based  applications  with  built-in 
speech  capabilities.  Director  MX 
costs  $1,200  per  copy,  with  dis¬ 
counts  for  users  upgrading  from 
older  versions.  It  is  available  for 
Windows  and  Macintosh  platforms. 
www.macromedia.com 

■  Security  flaws  in  RealNet¬ 
works’  media  player  software 
could  let  attackers  run  arbitrary 
code  on  a  user's  computer,  the 
company  warned  last  week. 

Three  vulnerabilities  exist  in  the 
Windows  versions  of  the  RealOne 
Player  and  RealPlayer,  according 
to  a  statement  on  RealNetworks' 
Web  site.  By  encouraging  a 
RealOne  or  RealPlayer  user  to 
download  a  malformed  file,  an 
attacker  could  run  code  on  a  user’s 
system.  RealNetworks  recom¬ 
mends  users  install  a  patch  to  fix 
the  software,  although  there  are  no 
reports  so  far  of  attacks  using  the 
exploit.  The  RealNetworks  state¬ 
ment  is  at  www.nwfusion.com, 
DocFinder:  3334. 


■  BY  CAROLYN  DUFFY  MARSAN 

In  the  last  year,  spam  has  grown  from  a 
nuisance  to  a  nightmare  for  corporate  net¬ 
work  executives,  who  are  scrambling  to  re¬ 
spond  to  the  increased  volume  and  objec¬ 
tionable  content  of  unsolicited  commer¬ 
cial  email  messages  sent  to  end  users. 

In  response,  messaging  vendors  are  beef¬ 
ing  up  their  antispam  filtering  capabilities 
targeted  at  corporate  customers.  Among 
the  vendors  that  started  shipping  new  anti¬ 
spam  offerings  in  recent  weeks  are  Lotus, 
Mirapoint,Sendmail  and  Tumbleweed. 

Meanwhile,  Brightmail,  a  big  player  in 
antispam  packages  for  the  service  provider 
market,  in  October  stepped  up  its  push  into 
the  enterprise  market  with  Version  4.0  of  its 
Anti-Spam  software.  Brightmail’s  enterprise 
customers  include  Cypress  Semicon¬ 
ductor,  Motorola  and  Lycos. 

All  these  companies  sell  software 
designed  to  identify  and  stop  spam  at  the 
edge  of  corporate  networks,  before  these 
unwanted  messages  arrive  at  corporate 
e-mail  servers  or  are  sent  to  end  users.  At 
the  same  time,  these  software  packages 
aim  to  maintain  e-mail  system  perfor¬ 
mance  and  reject  as  few  mission-critical 
e-mail  messages  as  possible. 

“Enterprises  are  concerned  about  pro¬ 
tecting  their  networks  at  the  perimeter,  at 
the  e-mail  gateway  says  James  Kobielus,  a 
senior  analyst  with  Burton  Group,  which  in 
November  issued  a  report  on  combating 
spam,  and  a  Network  World  columnist. 
“They  want  a  floodwall  essentially  to  catch 
spam  . . .  [before]  spam  becomes  a  huge 
consumer  of  resources,  including  band¬ 
width,  CPU  and  mail  administration.” 

The  sheer  volume  of  spam  is  what’s  dri¬ 
ving  more  corporations  to  purchase  anti¬ 
spam  filtering  software.  Spam  represented 
between  8%  and  10%  of  all  e-mail  mes¬ 
sages  on  the  Internet  a  year  ago,  but  it  has 
grown  to  as  much  as  30%  to  40%  of  the 
messages  corporate  users  receive  today, 
experts  say. 

“Spam  is  the  No.l  problem  facing  e-mail 
administrators  and  e-mail  users,”  Kobielus 
says.  “It’s  out  of  control _ And  the  prob¬ 

lem  has  gotten  significantly  worse  in  the 
last  year. The  volume  has  grown  by  a  mul¬ 
tiple  of  four  to  five  in  a  year” 

Pornographic  spam,  in  particular,  is  on 
the  rise.  Kobielus  says  it  has  doubled  in 
the  last  year  and  now  accounts  for  10%  of 
all  spam. 

Network  managers  are  tackling  the  spam 

See  Spam,  page  30 


■  BY  JOHN  FONTANA 

CAMBRIDGE,  MASS.  —  With  an  eye 
toward  reducing  product  development 
cycles,  Web-based  collaboration  vendor 
eRoom  Technologies  is  adding  support 
for  CAD  drawings  to  its  online  meeting 
room  software  that  will  let  users  share, edit 
and  annotate  those  files. 

Online  collaboration  on  design  draw¬ 
ings  is  becoming  a  trend  in  manufactur¬ 
ing  as  companies  work  in  a  more  distrib¬ 
uted  fashion  in  their  own  companies  and 
with  business  partners,  experts  say 

With  eRoom  Viewer  for  CAD  Visual¬ 
ization,  eRoom  is  providing  browser-based 
access  to  two-dimensional  and  three- 
dimensional  CAD  and  Electronic  Design 
Automation  (EDA)  files  and  support  for 
more  than  200  engineering  and  business 
file  formats.  The  company  licensed  the 


technology  from  Cimmetry  Systems. 

“Online  collaboration  has  been  one  real 
bugaboo  in  trying  to  do  design  in  a  dis¬ 
tributed  world,”  says  John  MacKrell,  a 
senior  consultant  with  CIMdata.  “The 
trend  is  toward  online  meetings  that  can 
shorten  product  development  life  cycles 
and  take  the  pain  out  of  decision  making.” 

MacKrell  says  eRoom  falls  into  the  cate¬ 
gory  of  products  that  let  users  view  and 
discuss  a  drawing  but  require  an  engineer 
to  return  to  the  design  program  to  make 
changes.  He  says  vendors  such  as  CoCreate 
and  Alibre  let  users  collaborate  and  make 
changes  online.  He  says  it’s  not  a  matter  of 
which  class  of  products  is  better,  but  what 
fits  a  corporation’s  needs. 

“The  codesign  products  lean  toward  en¬ 
gineers  with  big  workstations  and  private 
lines,  while  eRoom  is  simple  enough  to  be 
See  eRoom,  page  30 
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A  resilient  architecture 


Sept.  1 1, 2001,  was  a  generally  quiet  day 
on  the  Internet.  This  was  true  even 
though  the  attacks  in  New  York  de¬ 
stroyed  some  important  network  facilities. 
It  might  not  have  looked  that  way  to  those 
trying  to  get  through  to  CNN  and  other 


news  sources,  but  those  problems  turned 
out  to  be  local  to  the  news  sources. 

There  also  were  connectivity  disruptions 
to  a  few  countries  because  of  poor  design 
choices  made  in  the  past. 

These  are  some  conclusions  in  a  recently 


APPLICATION  TRAFFIC  MANAGEMENT 
FROM  FB  NETWORKS,  _ 


a  revolutionary  new  method  for  providing  high  availability, 


security,  scalability  and  optimized  performance  for  enterprise 


applications,  mobile  computing  and  H/eb  services. 


SMART.  REALLY  SMART. 

It’s  the  only  product  that  can  inspect  IP  traffic  down  to  the  packet 
payload  level.  Relevant  information  can  then  be  extracted  to  make 
intelligent  decisions  for  directing  traffic  according  to  each  application 


MORE  ZOOM. 

New  intelligence  requires  more  horsepower.  BIG-IP  has  what  it  takes  — 
powerful  offloading,  inspection  and  processing  of  Layer  7  application-level 
transactions  that's  faster  than  any  other  product  on  the  market. 


EXTREMELY  SECURE.  — 

It  is  the  first  solution  that  can  automatically  respond  to,  act  upon  and  prevent  ever 
changing  application  security  threats  -  providing  a  coordinated  line  of  defense  while 
making  the  most  of  existing  network  security  products. 


released  National  Research  Council  report. 

On  a  somewhat  more  worrisome  note, 
the  report  indicates  that  the  Internet  might 
not  fare  so  well  if  it  was  the  direct  target  of 
a  major  attack. 

The  report,  “The  Internet  Under  Crisis 
Conditions:  Learning  from  Sept.  1  l,”is  avail¬ 
able  for  online  reading  (through  a  crappy 
reader)  or  purchase  at  www.nap.edu/cata 
log/10569.html?onpi_topnews_l  12002. 

The  main  reason  the  Internet  was  largely 
unaffected  on  Sept.  11  is  its  underlying 
architectural  vision.This  vision  comes  from 
some  early  research  that  led  to  the 
ARPANET  (see  “On  Distributed  Communi¬ 
cations:  Introduction  to  Distributed  Com¬ 
munications  Network”  at  www.nwfusion 
.com,  DocFinder:  3332)  and  the  initial 
ARPANET  design  philosophy  (“The  Design 
Philosophy  of  the  DARPA  Internet  Pro¬ 
tocols”  at  DocFinder:  3333). 

The  Internet  consists  of  many  highly 
interconnected  individual  networks,  most 
of  which  are  highly  interconnected  inter¬ 
nally  This  architecture  means  the  loss  of 
major  interconnection  points  or  major 
communications  links  has  little  effect 
because  the  traffic  just  bypasses  the  out¬ 
age  through  other  links  or  interconnec¬ 
tion  points. 

A  few  network  outages  occurred  Sept.  1 1 
in  which  the  connectivity  was  not  as  rich 
as  it  might  have  been  or  users  were 
directly  connected  to  network  equipment 
that  was  destroyed  or  which  lost  power 
in  the  aftermath.  But  these  outages  were 
isolated. 

Less  isolated  were  the  visible  problems 
with  news  sites  such  as  cnn.com.  These 
sites,  or  the  links  to  them,  quickly  became 
overloaded  as  office  workers  tried  to  find 
out  what  was  happening.  Most  problems 
were  fixed  within  a  few  hours  as  the  sites 
did  what  they  should  have  done  in  the  first 
place  and  distributed  their  content  among 
a  number  of  redundant  servers  around  the 
network.  The  same  basic  problem  struck 
South  Africa  when  it  turned  out  that  the 
country’s  name  server  was  not  replicated 
as  it  should  have  been,  but  instead  was  just 
located  in  New  York. 

The  report  specifically  does  not  attempt 
to  predict  how  the  Internet  would  perform 
if  its  infrastructure  was  the  target  of  a  sus¬ 
tained  attack.  One  hint  came  a  few  weeks 
ago  when  the  root  name  servers  were  sub¬ 
jected  to  a  denial-of-service  attack.  In  this 
case  there  was  little  effect, but  we  might  not 
be  so  lucky  in  the  future  unless  some  of  the 
known  vulnerabilities  are  addressed. 

This  type  of  objective  analysis  of  such  a 
terrible  day  does  make  me  feel  funny;  it’s  a 
bit  like  the  Federal  Aviation  Administration 
accident  investigators  saying  the  engines 
were  working  just  fine  when  a  plane 
crashed.  It  is  needed,  but  it  must  not  over¬ 
look  the  human  cost. 

Disclaimer:  No  joke  this  week.  I  am  not 
speaking  for  the  university  in  the  above. 

Bradner  is  a  consultant  for  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


As  the  world  leader  in  Internet  security,  Check  Point’s™  integrated  security  solutions  Connect,  Protect, 
Manage  and  Accelerate  the  network  security  of  more  than  1 00  million  users  worldwide. 


CONNECT.  Leading  global  companies  rely  on  Check  Point  VPN 
solutions  to  connect  employees  and  offices  everywhere.  Regardless  of 
where  business  happens— even  in  the  most  remote  locations— people 
and  companies  are  securely  connected  to  their  critical  information. 


PROTECT.  Check  Point’s  fail-safe  firewall  infrastructure  provides 
the  highest  level  of  security  for  every  network  from  the  edge  to  the 
core.  Our  authentication,  access  control,  and  content  security  features 
have  become  the  trusted  global  industry  standard. 


MANAGE  Check  Point’s  revolutionary  Security  Management 
Architecture  (SMART  -)  lets  you  instantly  deploy  and  distribute  security 
policies  regardless  of  user  location.  All  aspects  of  network  security  can 
be  defined  and  managed  from  a  single  console  dramatically  reducing 
your  total  cost  of  ownership. 

Find  out  the  latest  in  Internet  security  by  downloading  our  white 
at  www.checkpoint.com/wireless/nww  or  call  (866)  488-6686. 


ACCELERATE.  Check  Point’s  VPN  and  firewall  solutions  deliver 
wire-speed  performance  up  to  three  times  faster  than  other  network 
solutions.  Now  you  can  maintain  absolute  network 
security  without  sacrificing  the  performance  of  business- 
critical  applications  or  bogging  down  your  network. 

paper  “Building  Secure  Wireless  LANs” 

We  Secure  the  Internet. 


02002  Check  Point  Software  Technologies  Ltd.  Ail  rights  reserved. 
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Latis  rolls  out  wireless  LAN  protection 


■  BY  ELLEN  MESSMER 

SUPERIOR,  COLO. —  Latis  Networks  has 
introduced  an  802.11  wireless  LAN  secu¬ 
rity  gateway  that  enforces  user  authenti¬ 
cation  and  continuously  scans  the  wire¬ 
less  network  to  block  computer  worms 
and  Web  attacks. 

Installed  between  wireless  access  points 
and  wired  LAN,  the  StillSecure  Border 
Guard  Wireless  appliance  controls  wireless 
LAN  access  for  users.  It  competes  against 
similar  wireless  LAN  gateways  from  Blue- 
socket,  Cranite  Systems  and  ReefEdge.  But 
unlike  these  vendors,  Latis  focuses  on  pro¬ 
viding  intrusion  detection  and  some  con- 


Unlike  competitors'  products,  the  StillSecure 
Border  Guard  Wireless  appliance  provides 
intrusion  detection  and  some  content  filter¬ 
ing  for  802.11  access  points. 

tent  filtering  for  the  802.1 1  access  points. 

“It  can  filter  out  pornography  and  con¬ 
tent  based  on  keywords.  It  also  lets  you  see 
the  devices  on  the  wireless  network,”  says 
A1  Maxey,  a  network  engineer  for  MDA 
Technologies,  a  contractor  installing  the 
Latis  wireless  LAN  gateway  at  Potomac 
Hospital  in  Woodbridge.Va.,  which  uses  a 


mix  of  wireless  LAN  access  points  from 
Cisco,  Linksys  and  SMC  Networks. 

This  network-discovery  feature  of  the  Still¬ 
Secure  Border  Guard  Wireless  appliance  is 
intended  to  flexibly  meet  demands  for 
wireless  access,  says  Mitchell  Ashley  vice 
president  of  engineering  and  CIO  at  Latis. 
“By  scanning  the  network  to  keep  track  of 
all  the  authorized  access  points  and  users, 
you  can  set  a  policy  defined  as  either  ‘no 
access’  or  ‘Internet-only’  access,”  he  says. 

The  Internet-only  control  would  let  a  visi¬ 
tor  in  a  conference  room,  for  example, gain 
access  to  the  organization’s  wireless  LAN 
network,  but  prevent  the  visitor  from 
accessing  anything  except  the  Internet.The 


gateway’s  control  also  would  let  restric¬ 
tions  be  placed  on  a  subset  of  the  LAN. 

The  Latis  intrusion-detection  engine  for 
the  wireless  LAN  gateway  can  check  for 
about  1,800  signatu rebased  attacks,  such 
as  Nimda  or  Bugbear  worms,  but  it’s  not  a 
substitute  for  running  antivirus  software, 
Ashley  acknowledged.  The  StillSecure 
Border  Guard  Wireless  product,  which 
costs  $10,000,  also  can  be  purchased  as 
software  to  be  installed  on  any  Intel-based 
platform.  It  comes  with  a  Web-based  man¬ 
agement  console  for  administration  of  the 
wireless  security  policy  to  multiple  Still¬ 
Secure  Border  Guard  gateways. 

Latis:  www.stillsecure.com 


Spam 

continued  from  page  27 

problem  because  of  the  potential  legal  lia¬ 
bility  associated  with  pornographic  spam 
and  concerns  about  the  negative  effects  on 
end-user  productivity.  High  volumes  of 
spam  are  a  drain  on  network  resources 
such  as  e-mail  server  capacity,  Internet 
bandwidth  and  e-mail  archives. 

Dave  Giaramita,  an  e-mail  consultant 
working  on  a  project  for  an  energy  con¬ 
glomerate  in  San  Ramon,  Calif.,  sees  “stag¬ 
gering”  amounts  of  spam  each  day.  The 
company  has  80,000  email  recipients  on 
its  threetiered  email  system,  which  uses 
Sendmail’s  software  as  its  Internet  email 
gateway, Tumbleweed’s  SecureMail  5.0  as  a 
spam  blocker  and  Microsoft  Exchange  for 
its  email  servers. 

Spam  blocking  101 

Giaramita  says  the  company  receives  an 
average  of  328,000  inbound  email  mes¬ 
sages  each  day  and  that  236,000  of  them  — 
or  72%  —  are  blocked  as  spam.  A  black  list 
blocks  151,000  messages  before  they  enter 
the  company's  email  system.  (These  are 
often  the  same  message  sent  to  multiple 
users.)  Tumbleweed’s  software  catches 
another  85,000  spam  messages  per  day 

“I  estimate  it  takes  about  12  seconds  to 
process  a  single  spam  message,”  Giaramita 
says.'At  the  rate  we’re  seeing,  each  employ¬ 
ee  would  spend  about  five-and-a-half  hours 
a  year  processing  spam.  That’s  233,000 
hours  a  year  of  employee  time  spent  pro¬ 
cessing  spam.” 

Giaramita  says  that  if  the  company  didn’t 
block  spam,  it  would  cost  $14  million  in 
lost  productivity  He  arrives  at  this  figure  by 
determining  that  the  volume  of  spam 
would  require  147  full-time  employees  to 
process,  and  that  these  employees  would 
earn  $50  an  hour. 

“We’d  also  have  to  increase  our  email 
bandwidth  and  our  disk  servers,” Giaramita 
sun’s, adding  that  the  company  already  uses 
10  terabytes  of  disk  storage  to  house  its 
domestic  email. 

To  catch  all  the  spam,  the  company  has 


set  up  seven  dedicated  Tumbleweed  ser¬ 
vers.  These  servers  were  installed  in 
January  when  end  users  started  complain¬ 
ing  about  the  amount  of  spam. 

“Tumbleweed  is  getting  about  90%  of  the 
spam  coming  through,”  Giaramita  says. 
“Tumbleweed  costs  us  about  $100,000  a 
year,  including  support  and  hardware  de¬ 
preciation.  But  the  return  on  investment  is 
absolutely  worth  the  cost.” 

Giaramita  quarantines  spam  for  a  day  in 
case  an  important  message  accidentally 
is  blocked,  which  happened  once  with  a 
contract  that  used  the  phrase  “at  no  cost 
to  you.” 

“Our  false  positive  rate  is  very  very  low) 
he  adds. 

Messaging  vendors  are  improving  anti¬ 
spam  filtering  to  address  the  problems  e- 
mail  administrators  such  as  Giaramita  see 
each  day.  Antispam  features  are  being 
added  at  every  point  in  the  system:  at 
Internet  gateways,  between  gateways  and 
e-mail  servers,  at  e-mail  servers  and  at 
desktops. 

The  most  common  approach  is  to  put 
antispam  software  behind  the  firewall  to  fil¬ 
ter  inbound  Internet  messages  before  they 
are  sent  to  corporate  e-mail  servers.  Pro¬ 
viders  of  message  transfer  agent  software, 
including  Sendmail  and  Sun,  have  beefed 
up  their  antispam  filtering  as  has  message 
appliance  vendor  Mirapoint. 

Sendmail  in  November  announced  an 
antispam  filter  built  upon  technology  from 
Elron  Software,  which  sells  Internet  content 
filtering  products.  Similarly,  Mirapoint  last 
month  added  antispam  filtering  as  an 
option  to  the  operating  system  that  its  mail 
gateway  appliance  uses. 

Sun  has  offered  antispam  filtering  for 
years,  including  support  for  black  lists  and 
third-party  antispam  software  providers 
such  as  Brightmail  and  Trend  Micro.  In  the 
first  quarter  of  next  year,  Sun  plans  to  add 
antispam  capabilities  to  its  instant-messag¬ 
ing  server  software. 

Vendors  of  special-purpose  antispam 
software  also  are  improving  their  capabili¬ 
ties.  Brightmail  in  October  updated  its  en¬ 
terprise  offering  by  improving  its  accuracy 


and  adding  support  for  Windows  2000 
instead  of  only  Solaris.  Also  in  October, 
Tumbleweed  improved  the  antispam 
capabilities  of  its  Messaging  Management 
System,  which  now  scans  HTML  code 
embedded  in  messages  to  look  for  links  to 
spam  sites. 

Antispam  contingent 

E-mail  server  software  vendors  Lotus  and 
Microsoft  are  adding  antispam  capabilities 
to  provide  companies  with  an  extra  layer 
of  protection. Lotus  recently  added  support 
for  black  lists  and  antispam  rules  to  its 
Domino  6  server  software. 

Microsoft  says  the  next  version  of 
Exchange,  code-named  Titanium,  will  sup¬ 
port  real-time  black  lists  and  spam  “bea¬ 
con”  blocking  in  Outlook  Web  access  and 
Outlook  1 1  clients.  Beacon  blocking  pre¬ 
vents  the  download  of  images  that  send  a 
beacon  back  to  the  spammer  to  verify  an 
address  as  legitimate. 

Antispam  filtering  software  for  the  desk¬ 
top  also  is  available,  but  few  companies 
use  it.  Instead,  desktop  packages  from  ven- 


eRoom 

continued  from  page  27 

used  by  anyone,”  MacKrell  says.  He  also 
notes  that  CAD  vendors  are  adding  collab¬ 
oration  to  their  wares,  such  as  the  alliance 
3-D  design  software  maker  Parametric 
Technology  made  with  Groove  Networks 
in  February. 

With  eRoom,  users  can  load  a  CAD  file 
onto  the  eRoom  server  and  share  it  with 
anyone  with  a  Web  browser,  given  that  the 
Viewer  for  CAD  Visualization  is  a  server- 
side  Java  application.  Users  can  pan,  zoom 
and  rotate  a  drawing;  break  down  assem¬ 
blies;  and  view  component  pieces  of  a 
drawing.  Users  can  make  annotated  draw¬ 
ings  and  print  them  out. The  CAD  files  can 
be  incorporated  into  the  access  control, 
version  tracking,  notification  and  workflow 
capabilities  of  eRoom. 

“Text  files  are  not  enough  for  collabora¬ 
tion,”  says  Bryan  House,  product  marketing 


dors  such  as  Cloudmark,  MailFrontier  and 
Sunbelt  Software  are  geared  toward  home 
computer  users. 

Regardless  of  where  e-mail  administra¬ 
tors  place  spam  filtering,  they’re  getting 
positive  feedback  from  end  users  as  the 
volume  of  spam  declines. 

Dave  Leannah,  IT  director  at  Peltz  Group 
in  Milwaukee,  installed  Clearswift’s  new 
SpamActive  filter  on  his  company's  e-mail 
system  a  month  ago. The  filter  is  an  add-on 
to  Clearswift’s  Mailsweeper  for  Simple  Mail 
Transfer  Protocol  and  is  free  to  Clearswift 
support  customers. 

“1  kept  getting  more  and  more  com¬ 
plaints  from  end  users  who  came  in  to 
work  and  had  30  messages  of  spam 
instead  of  the  five  messages  they  used  to 
get,”  Leannah  says.“Women  were  getting 
this  horrific  pornographic  stuff  and 
were  calling  me  to  say  that  it  embar¬ 
rassed  them.” 

Leannah  runs  an  Exchange  e-mail  system 
with  130  users.  He  now  blocks  300  to  350 
spam  messages  a  day,  and  800  to  1,200  over 
the  weekend.  ■ 


Working  together 

The  visualization/collaboration 
market  generated 

$220M 

in  revenue  in  2001  and  has  a 
projected  growth  rate  of  25% 
for  2002,  according  to  ClMdata. 


manager  for  eRoom.  “We  are  expanding 
from  a  horizontal  solution  to  a  vertical 
industry  with  specific  applications." 

Viewer  for  CAD  Visualization  comes  in 
four  versions  ranging  from  2-D  view-only 
with  pricing  starting  at  $400  per  seat  to  2- 
D/3-D  view  with  annotation  support  that 
starts  at  $  1 ,500  per  seat.  The  software  is 
available  now.  ■ 


HOW  DOES 


PETER  HARRIS 


PLAY  TO  WIN? 


(e)  server 


Winning  with  e-commerce:  There’s  something  new  at  London’s  antiquarian  book  dealer  Peter 
Harrington.  They’re  selling  25%  of  their  volume  on  the  Web.  Their  platform?  The  easy-to-manage 
IBM  (©server  xSeries™  Select  xSeries  models  feature  the  Intel®  Xeon™  processor  to  give  you  superior 
performance  and  cost-effectiveness.  For  a  complimentary  IDG  report  on  how  growing  companies  are  using 
IT  to  advance  their  business,  go  to  ibm.com/eserver/peterharrington 
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All  numbers  and  results  reported  are  from  customer  sources.  This  customer  example  is  intended  as  an  illustration  only.  Costs  and  results  obtained  in  other  customer  environments  will  vary  depending,  among  other  things, 
on  individual  customer  configurations  and  conditions.  IBM.  the  e-business  logo,  e-business  is  the  game.  Play  to  win  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation 
Intel,  the  Intel  Inside  logo  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks 
or  service  marks  of  others.  ©2002  IBM  Corporation.  All  rights  reserved. 


HOW  DOES 
CHURCHILL 
PLAY  TO  WIN? 


(©server 


Linux"  ready  with  self-managing  features  for  every  e-business. 


InteP-based  /  xSeries™ 

It’s  an  affordable  and  powerful 
combination  of  mainframe- 
inspired  reliability  and  smart 
systems  management  tools. 


UNIX9/  pSeries™ 

Highly  available,  highly  affordable 
and  highly  coveted.  The  pSeries  is 
the  platform  of  choice  for  powerful 
UNIX  and  Linux  solutions. 


Midrange  /  iSeries™ 

Brings  easy-to-deploy,  plug  and 
play  e-business  to  your  business 
Sophisticated  technology  that’s 
easy  to  manage  and  Linux  ready. 


Mainframe  /  zSeries™ 

Maximum  reliability,  maximum  power, 
maximum  flexibility.  Designed  for 
up  to  99.999%  uptime1  to  handle  the 
demands  of  today’s  e-businesses. 


They  optimized  their  supply  chain  with  IBM  (©server  iSeries.  When  it  comes  to  supplying  hotel  chains  and 

restaurants  with  fine  china,  no  one  wants  to  wait  for  service.  So  Churchill  China  consolidated  their  e-commerce 
operation  onto  a  single  iSeries. Today,  they  can  dispatch  orders  within  24  hours  with  near-100%  accuracy.  For  a 
guide  on  server  consolidation,  go  to  ibm.com/eserver/churchill 


( Q  business  is  Hit 


Requires  Parallel  Sysplex'  environment.  All  numbers  and  results  reported  are  from  customer  sources. This  customer  example  is  intended  as  an  illustration  only.  Costs  and  results  obtained  in  other  customer  environments  will  vary  depending,  among  other  things, 
on  individual  customer  configurations  and  conditions  IBM,  the  e-business  logo,  e-business  is  the  game.  Play  to  win,  eServer.  iSeries,  pSeries.  xSeries,  zSeries  and  Parallel  Sysplex  are  trademarks  or  registered  trademarks  of  International  Business  Macru , 
Corporation  m  the  United  States  and  or  other  countries  Linux  is  a  registered  trademark  of  Linus  Torvalds  Intel  is  a  registered  trademark  of  Intel  Corporation  or  its  subsidiaries  in  the  United  Slates  and  other  countries.  UNIX  is  a  registered  trademark  of  The  Ope 
Group.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2002  IBM  Corporation.  All  rights  reserved. 
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Your  existing  phone  system  is  costing  you  more  money 
than  you  think.  To  learn  how  a  Shoreline  IP  Voice  System  can  drastically 
reduce  your  company  phone  expenses  while  adding  more  features  and  solid 
reliability,  call  1-877-80SHORE  or  visit:  http://savings.goshoreline.com 


BKF  Engineers  has  been  a  leading  civil  engineering  firm 
in  Northern  California  since  1915,  with  four  offices  and 
more  than  200  employees. 

SS'BKr 

Engineers  •  Surveyors  .•  Planners 

Enterprise  Aquisition  Costs 

SHORELINE 

LEGACY  PBX 

NET  SAVINGS 

Equipment  Network  Upgrades 

&  Installation  -  Hard  Costs 

Total  Enterprise  Aquisition 

$215,000 

$518,000 

$303,000 

Annual  Costs 

Management 

$2,000 

$25,000 

$23,000 

Maintenance 

$16,250 

$48,000 

$31,750 

Long  Distance 

$8,100 

$19,000 

$10,900 

TCO  Per  Year 

$26,350 

$92,000 

$65,650 

Total  Savings  Over  5  Years 

5631,250 

(Acquisition  plus  annual  TCO) 


“I've  been  in  technology  for  14 years.  I  would 
rank  Shoreline  as  one  of  the  5  hottest  products 
1  have  ever  seen.” 

Derrick  Crandell,  IT  Director,  BKF  Engineers 


Robust  IP  Phone  Systems 


©  Copyright  2002  Shoreline  Communications  and  the  Shoreline  Communications  logo  are  registered  trademarks  of  Shoreline  Communications,  Inc 
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NetworkWorld 


Sprint  buffs  up  managed  data  offerings 


■  BY  DENISE  PAPPALARDO 

KANSAS  CITY  MO.  —  Sprint  announced 
last  week  that  it  has  revamped  its  managed 
data  service  offerings  by  simplifying  the 
product  set  and  pricing  while  extending 
the  reach  of  its  management  capabilities. 

The  carrier  now  offers  two  service 
umbrellas,  called  Managed  Network  Ser¬ 
vice  Express  and  MNS  Custom.  Both  in¬ 
clude  monitoring  and  management  of 
routers,  switches,  hubs  and  servers  con¬ 
nected  to  frame  relay,  IB  ATM  or  private-line 
connections. 

MNS  Express  is  for  customers  with  five  to 
50  devices  who  need  monitoring  and  man¬ 
agement  of  their  network  and  devices.The 
service  includes  proactive  alarms  and  noti¬ 
fications  that  are  set  up  based  on  customer- 
dictated  thresholds,  network  fault  isolation 


■  Telstra,  the  largest  service  pro¬ 
vider  in  Australia  and  New  Zealand, 
recently  announced  it  is  deploying 
BroadSoft’s  voice-over-data  prod¬ 
ucts  in  its  network.  The  carrier  is 
rolling  out  BroadSoft's  BroadWorks 
servers  and  applications  to  offer  busi¬ 
nesses  hosted  voice-over-data  and 
voice  VPN  services.  The  services  will 
let  users  support  IP  phones,  legacy 
PBX  and  key  systems  on  one  data 
network.  Telstra  says  these  services 
will  be  rolled  out  by  year-end. 

■  Research  firm  ARS  says  promo¬ 
tional  service  rates  for  broad¬ 
band  services  are  coming  down, 

but  not  by  much.  Promotional  rates 
for  cable  modem  services  averaged 
$42.32  per  month  in  the  third  quarter. 
In  the  second  quarter,  the  average 
rate  was  $42.74  per  month  for  a  one- 
year  contract.  DSL  service  rates  are 
higher,  but  have  come  down  more,  by 
6%,  in  the  last  quarter.  Promotional 
rates  for  DSL  services  average  $44.52 
per  month,  while  last  quarter  promo¬ 
tional  rates  averaged  $47.42  per 
month.  The  rate  decreases  are 
notable  because  rates  primarily  went 
up  throughout  2001,  ARS  says. 


and  fault  resolution.  The  carrier  also  will 
monitor  the  availability  of  key  applications 
based  on  customer  specifications. 

For  instance,  if  a  user  says  its  e-mail  traffic 
should  be  delivered  within  50  msec 
between  Los  Angeles  and  New  York,  Sprint 
can  test  that  application  and  report  if  per¬ 
formance  changes. 

A  key  feature  that  Sprint  offers  is  multicar¬ 
rier  network  and  device  monitoring,  says 
Mickey  O’Dell,  director  of  managed  ser¬ 
vices,  at  the  carrier.  Sprint  will  manage  a 
customer’s  entire  WAN,  including  network 
connections  from  other  carriers. 

“Sprint  is  somewhat  enlightened  in  sup¬ 
porting  management  over  multiple  carrier 
networks,”  says  David  Willis,  a  vice  presi¬ 
dent  at  Meta  Group.The  management  sup¬ 
port  does  not  include  the  same  [service- 
level  agreements  that  Sprint  offers] ,  but  the 
management  arm  is  closer  to  what  users 
would  do  if  managing  their  WAN  in-house.” 

Willis  says  Sprint  is  the  only  carrier  offer¬ 
ing  management  support  over  other  pro¬ 
viders’  connections  as  a  standard  service 
feature.  This  lets  customers  use  Sprint  as 
their  primary  data  carrier,  but  also  use 


■  BY  MICHAEL  MARTIN 

SAN  ANTONIO, TEXAS  —  SBC  Communi¬ 
cations  last  week  rolled  out  standardized 
national  data  services,  letting  SBC  business 
customers  get  the  same  speed,  service 
level  and  pricing  options  across  the  U.S. 

Until  last  week,SBC’s  pricing,  speeds  and 
service-level  agreements  varied  even  with¬ 
in  SBC’s  four  primary  regional  units  —  SBC 
Southwestern  Bell,  SBC  Pacific  Bell,  SBC 
Ameritech  and  SBC  Nevada  Bell. 

“Now  a  customer  with  offices  across  all 
four  territories  and  across  the  country  can 
get  the  same  options  in  terms  of  ordering, 
provisioning,  speeds  and  pricing,”  says 
Mark  Fischler,  vice  president  of  product 
management  for  data  networking  at  SBC. 

The  standardized  plans  will  cover  frame 
relay,  ATM  and  private-line  services.  Curr¬ 
ently,  long-distance  options  are  available 
only  in  SBC’s  Southwestern  Bell  territory 
Long-distance  service  will  be  offered  as 
an  option  in  SBC’s  SNET  territory  later  this 
year.  The  other  regions  will  be  added 
as  long  as  SBC  wins  more  long-distance 
approvals  from  the  Federal  Com¬ 


other  providers  for  backup  or  network 
diversity  and  yet  still  view  all  connections 
using  one  management  platform,  he  says. 

Network  diversity  is  the  “general  tenor  in 
the  market  todaY’  he  says. 

Sprint  has  simplified  its  pricing. While  the 
carrier  would  not  offer  specific  rates,  it  says 
customers  pay  a  flat  monthly  fee  that  is 
based  on  the  number  of  devices  moni- 
tored.“Customers  pay  the  same  price  for  a 
Cisco  1 700  router  as  they  would  for  a  Cisco 
7500  router]’ O’Dell  says. 

While  the  standard  offering  includes 
monitoring  and  management,  O’Dell  says 
the  carrier  offers  a  less-expensive  monitor- 
ing-only  version  of  MNS  Express. 

MNS  Custom  includes  the  same  features 
as  MNS  Express,  but  users  can  add  man¬ 
agement  features  for  multiprocotol  sup¬ 
port  or  applications  such  as  voice  over  IP 

While  users  can  customize  much  of  their 
MNS  Custom  network  setup,  O’Dell  says 
Sprint  is  focused  on  fast  installations.  Sprint 
can  accomplish  timely  installations  be¬ 
cause  users  primarily  will  work  from  a  “set 
of  building  blocks”  that  Sprint  can  install 
and  set  up  quickly  he  says.H 


National  aspirations 

Enhancements  to  SBC's  data 

offerings  include: 

•  Standardized  speeds  and 
prices  across  the  country. 

•  Business-recovery  services, 
including  redundant  routing 
and  disaster  recovery. 

•  Better  service-level 
agreements  with  improved 
latency  guaranteees. 


munications  Commission. 

As  an  example  of  how  the  standardized 
plans  will  help  customers,  Fischler  points 
to  California,  where  SBC  customers  wanti¬ 
ng  fractional  DS-1  services  previously 
could  choose  only  between  128K  and 
384K  bit/sec  speeds.  Now  those  customers 
can  choose  between  128K  ,256K  ,384K  , 
512K  and  768K  bit/sec. 

SBC  also  continues  to  deploy  its  national 


Service  makeover 

Sprint  has  refined  its  Managed 
Network  Services  under  three 
categories. 


Fault  isolation  management: 
Proactive  alarming  and  notification. 
Network  fault  isolation. 
Fault-resolution  management  and 
reporting. 


Monitoring  and  management: 

CSU/DSU,  router,  switch,  hub 
implementation  management. 
Configuration  management. 
Change  management. 

Application  and  server  monitoring. 
Third-party  WAN  transport  device 
monitoring. 


Service  initiaiization: 
Network  design. 

Network  engineering. 
Network  implementation. 


backbone  network.  When  it’s  finished,  the 
network  will  be  fully  redundant  with  a  core 
speed  of  OC-192.  SBC  plans  to  use  Multi¬ 
protocol  Label  Switching  to  let  the  back¬ 
bone  carry  a  variety  of  service  offerings. 

The  backbone  should  be  completed  by 
mid-2003,  Fischler  says.  A  lack  of  FCC 
approval  for  long-distance  services  in  all 
of  SBC’s  local  markets  is  holding  the 
provider  back,  he  says. 

In  addition  to  the  standardized  service 
schemes,  SBC  now  offers  customers  busi¬ 
ness-continuity  plans.  The  plans  include 
features  such  as  alternate  routing  and  dis¬ 
aster  recovery. 

SBC’s  long-distance  strategy  will  mirror 
the  previously  announced  plans  of  fellow 
regional  Bell  operating  companies  Veri¬ 
zon  and  BellSouth.  SBC  will  focus  on  sell¬ 
ing  long-distance  services  to  companies 
that  are  already  SBC  local  customers. The 
national  backbone  and  standardized 
plans  will  let  SBC  offer  long-distance  to 
those  customers'  branch  offices  anywheie 
in  the  U.S.,once  SBC  wraps  up  its  long-di:- 
tance  approvals. 

SBC:  www.sbc.com 


SBC  unifies  offerings  across  U.S. 
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The  road  toward  successful  streamlining 


Several  of  my  recent  columns  have 
touched  on  the  importance  of  lower¬ 
ing  operational  costs.  Most  recently,  I 
discussed  the  crushing  operational  over¬ 
head  that  many  telephone  companies 
endure  (60%  to  70%  of  service  costs  are 


because  of  operational  overhead). 

The  challenge  isn’t  limited  to  service 
providers.  A  majority  of  companies  we  sur¬ 
veyed  for  an  upcoming  report  on  Web  ser¬ 
vices  indicate  that  reducing  overhead  is  a 
critical  challenge  for  them.“Mission  No.l  is 


Wondering  what's 
the  best  solution 
for  your  voice  and 
data  networks? 


We  have  your 

answers . 


Miercom 

The  leading  edge  in  networking  information 

Providing  consulting  and 
product  testing  services  in: 

S  VOICE  NETWORK 

VoIP  technology,  IP  PBX,  IP  Phones 

S  DATA  NETWORK 

LAN/WAN,  Storage,  Servers,  Routers 

V  BUSINESS  CONTINUANCE 

Security  and  Survivability 


“We  have  worked  with  Miercom  on  several  Voice  over  IP 
reviews  in  the  last  several  years.  We  have  found  their 
reviews  to  be  both  insightful  and  direct.  The  methods 
they  use  to  do  their  testing  are  thorough  and  show 
‘out  of  the  box’  thinking  to  develop  ways  to  test  items 
that  will  be  important  to  the  readers.  The  feedback 
given  to  Cisco  has  been  invaluable  in  our  product 
planning.  These  evaluations  assist  not  only  the  readers, 
but  Cisco’s  customers  as  a  whole  by  making  our 
products  better.” 

-Jonathan  Davidson,  senior  manager, 

Technical  Marketing  at  Cisco  Systems,  Inc. 


Miercom  is  a  proud  member  of  the 
Network  World  Global  Test  Alliance 


NetwofkWorid 
Global, 

TEST 
ALLIANCE 


efficiency  —  driving  the  unit  cost  of  sup¬ 
port  down.  Everything  we  do  is  focused  on 
that,”  says  the  CTO  of  a  large  financial  ser¬ 
vices  firm. 

Strategically  deploying  technology  can 
help  a  company  achieve  this,  but  it’s  not 
the  whole  story.  Successful  operational 
streamlining  also  requires  effective  bench¬ 
marking  and  a  supportive  culture.  Let’s 
look  at  each  in  turn. 

Strategic  technology  deployment.  A  sig¬ 
nificant  percentage  of  companies  sur¬ 
veyed  told  us  that  Web  services  are  an 
effective  way  to  lower  operational  costs.  By 
centralizing  accounting  or  customer  ser¬ 
vice  via  Web  services,  a  company  can  get 
away  with  fewer  accountants  or  customer 
support  personnel.  One  organization  cost- 
justified  a  multimillion-dollar  rollout  of 
Web  services  on  the  grounds  that  it  let 
them  reduce  the  accounting  department 
by  500  positions. 

However,  there’s  a  catch:  If  the  cost-sav¬ 
ings  are  outside  the  IT  budget,  ensuring 
that  they  actually  accrue  requires  effective 
benchmarking  and  a  companywide  align¬ 
ment  of  goals.  That  brings  us  to  the  next 
two  points. 

Effective  benchmarking.  Once  a  poten¬ 
tial  cost  savings  has  been  identified,  an 
organization  needs  to  have  the  processes 
in  place  to  measure  the  savings.This  is  a  lot 
harder  than  it  sounds  because  it  might  be 
considerably  out  of  the  traditional  scope  of 
IT  departments. 

If  a  new  technology  has  been  deployed 
with  the  goal  of  reducing  headcount  in, say, 
accounting,  someone  has  to  validate  that 
the  head-count  reduction  occurred  and 
that  it  didn’t  result  in  unintended  costs. 
Most  organizations  don’t  perform  this  kind 
of  benchmarking  regularly.  Worse,  most 
aren’t  even  sure  who  should  be  doing  it. 

Goal  alignment.  Regardless  of  who  per¬ 
forms  the  benchmarking,  there  has  to  be 
companywide  agreement  that  an  initiative 
is  worth  the  effort.  That  means  ensuring 
that  everyone  —  lines  of  business,  IT  and 
non-IT  centralized  services  —  commit  to 
realizing  the  promised  results.  “If  the  busi¬ 
ness  unit  really  wants  something  to  be 
done,  they’re  going  to  have  to  belly  up  to 
the  bar.  If  they  claim  that  it’s  going  to  save 
them  a  million  dollars,  the  money  disap¬ 
pears  from  their  budgets.  If  they  aren’t  will¬ 
ing  to  sign  up  for  it,  it  doesn’t  get  done," says 
the  CIO  of  one  manufacturing  company. 

Most  organizations  are  only  about  33%  of 
the  way  there.  They’ve  mastered  the  art  of 
deploying  strategic  technologies  but  are 
wrestling  with  effective  benchmarking  and 
goal  alignment.  For  more  tips  on  how 
they’re  coping, stay  tuned. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  a  technology 
research  firm.  She  can  be  reached  at 
johna@nemertes.  com. 
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The  Javits  Center 
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Minds  Meet 


Linux  is  thriving!  Financial  services,  telecommunications,  government  and  retail  are 
utilizing  this  amazing  technology.  Shouldn’t  you? 

•  Attend  Keynotes  and  learn  from  inspiring  visionaries  who  are  devoted  to  Linux  and  Open  Source. 

-  Hector  Ruiz,  Ph.  D.,  President  &  CEO,  AMD 

-  Jeffrey  M.  Birnbaum,  Managing  Director  &  Global  Head  of  Enterprise  Computing  in  the  Institutional 
Securities  Division,  Morgan  Stanley 

-  Michael  Tiemann,  Chief  Technical  Officer,  Red  Hat 

-  Steven  A.  Mills,  Senior  Vice  President  &  Group  Executive,  IBM  Corporation 

-  Randy  Mott,  Senior  Vice  President  &  Chief  Information  Officer,  Dell  Computer  Corporation 


LINUX  FINANCIAL  SUMMIT 


All-new  -  Linux  Financial  Summit  is  an  executive  program  created  to 
address  the  growing  demand  for  quality  information  and  insight  on 
Linux  and  Open  Source  solutions  for  the  financial  industry. 

Sponsored  by: 

egenera  i » v . „ t 


Check  out  the  all-new  Enterprise  Solutions  Center,  where  you’ll 
experience  multi-vendor  Linux  and  Open  Source  enterprise  solution 
demonstrations. 


Presented  by: 

©LINUX)  WiL0PEN 

international  SOURCE 


•  Participate  in  LinuxWorlds  world-class  education  program  and  learn  how  Linux  has  been 
implemented  in  financial  services,  communications  and  government,  gain  technical  and  enterprise 
know-how  in  areas  such  as  sys  admin,  business  and  emerging  technologies. 

•  Explore  the  newest  technologies  from  leading  Linux  and  Open  Source  suppliers  and  a  growing 
array  of  start-ups. 

•  Take  your  seat  at  The  Golden  Penguin  Bowl,  the  lively  quiz  show. 


www.  linuxworldexpo .  com  WmLDDTO 


Cornerstone  Sponsor 

Platinum  Sponsors 

m 

invent 

® 

AMD£!  Ilfifi.  int^ 

L  4}  redhat.  ^ 

We  make  the  net  work. 

Silver  Sponsors 


ma£  rovision 

Globetrotter  Software  Division 


UNITEDLINUX 


HIPAA  Studio.  It's  the 
perfect  prescription  for  a 
robust,  flexible  platform 
to  achieve  the  mandated 
compliance  with  HIPAA 
transaction  standards. 

This  powerful  software 
solution  is  just  one  of 
the  software  integration 
technologies  available 
today  from  Sybase. 


Leveraging  our  expertise 
in  database  technology 


The  Software 
Integration  Company. 

We  can  help  you  integrate 
all  the  data  and  business 
applications  in  your 
enterprise  and  extend 
them  to  any  location  in 
the  world.  So  you  can 
improve  efficiency  while 
preserving  your  existing 
infrastructure  investments. 
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AND  OTHER  COMMON  SYMPTOMS  OF 


I  Sybase 


and  powerful  integration 
tools,  we  can  help  you 
integrate  all  the  data  and 
business  applications  in 
your  enterprise. 

So  you  can  extract  the 
maximum  value  from 
not  only  your  current 
infrastructure,  but  also 
from  all  the  information 
that  resides  within  it. 

Find  out  more  today  by 
visiting  us  at  sybase.com/ 
integrationsolutions. 

And  relax. 


02002  Sybase,  Inc.  All  rights  reserved.  All  trademarks  are  the  property  of  their  respective  owners. 


VocalTec  head  says 
VoIP  adoption  coming 
slowly  to  U.S. 


The  past  two  years  have  been  tough  for  VocalTec: 
Revenue  dropped  from  $41.9  million  in  2000  to  $28.4 
million  in  2001,  and  through  three  quarters  of  this  year  sales  are  $13. 1  mil¬ 
lion.  Despite  this,  the  Israeli  company  expects  conditions  to  improve  as 
more  carriers  adopt  voice  over  IR  first  along  international  routes  and  later 
in  national  and  local  networks.  VocalTec  Chairman  and  CEO  Elon  Ganor 
recently  spoke  with  Network  World  Senior  Editor  Tim  Greene  about  the 
prospects  for  service  provider  IP  telephony. 


How  do  you  view  U.S.  carrier  interest  in  voice  over  IP? 

The  advantages  that  VoIP  provides  are  really  in  reduction  of  operating  expenses. 
But  in  the  times  that  we  live,  most  companies  are  looking  for  new  sources  of  rev¬ 
enue  and  not  necessarily  just  in  reduction  of  operational  expenditures  and  capital 
expenditures.  So  on  domestic  long-distance,  we  have  not  seen  —  we,  the  VoIP 
industry  —  a  tremendous  push  within  the  country 
What  we  are  seeing  is  that  the  initial  drive  is  really  in  markets  in  which  you  see 
deregulation  happening  with  new  commerce  coming  in  as  competitive  or  alterna¬ 


tive  carriers.  Moving  forward,  we  are  starting  to  see  applications  such  as  prepaid 
calling  cards  and  additional  ones  that  can  be  done  much  easier,  quicker  and 
sometimes  only  on  VoIP  systems.  So  we  are  starting  to  see  carriers  that  are  looking 
at  VoIP  for  substitution  of  traditional  infrastructure.  It’s  not  moving  very  fast,  but  it  is 
moving.lt  is,  without  any  doubt,  coming. 

When? 

The  majority  of  experts  said  by  2006  50%  of  the  world’s  traffic  will  be 
using  VoIP  I  talked  to  carriers,  the  large  carriers,  and  I  can  tell  you  that  their  view 
is  similar. 

What  will  drive  the  rticyor  local  carriers  to  VoIP? 

Regional  Bell  operating  companies  with  existing  infrastructure  have  less  need  to 
compete  for  a  while  because  of  the  death  of  the  competitive  carriers. The  urge  to 
protect  is  not  as  strong  as  it  was.  On  the  other  hand,  though, you  see  that  the  fixed- 
line  guys  are  losing  quite  a  bit  on  the  traditional  fixed  line.  SBC  Communications 
showed  a  9%  decline  in  the  number  of  fixed  lines  in  2001.  So  the  real  competitor 
for  them  is  the  mobile. 

If  you  want  to  compete  against  home  lines  with  mobile  phones,  the  only  way  to 
go  is  packetized  telephony  It’s  a  question  of  scalability  of  gaining  confidence  that 
the  softswitch-based  systems  can  really  replace  traditional  switches. 

What  should  corporate  telecom  people  be  looking  for  in  terms  of  VoIP?  How  should  they  pre¬ 
pare  for  this  eventuality? 

They  will  start  adding  the  voice  communication  for  their  organization  on  the 
data  network.The  traditional  carrier  will  be  acting  for  them  as  an  application  ser¬ 
vice  provider  providing  them  with  maintenance  —  and  maintenance  means  the 
maintenance  of  dialing  plans, supporting  of  the  equipment  just  as  they  do  for 
PBXs  and  so  forth  —  but  generally  the  voice  will  be  running  on  their  own  corpo¬ 
rate  data  network.They  may  expect  a  very  significant  reduction  for  their  voice 

See  VocalTec,  page  40 


Juniper’s  MINT  offers  profitable  data 

■  BY  JIM  DUFFY 


Takes 

■  Lucent  and  Sun  last  week  an¬ 
nounced  an  expansion  of  an  alliance 
to  bundle  their  products  for  wire 
line  and  wireless  service  providers. 

The  companies  say  they  will  work 
together  in  Asia,  Europe  and  Latin 
America,  and  have  established  sales 
resources  and  other  operational  prac¬ 
tices  to  make  service  provider  sales  of 
their  combined  offerings  as  a  man¬ 
aged  service  offering  more  efficient. 
This  marketing  initiative,  which  start¬ 
ed  in  North  America,  is  now  in  place 
on  a  global  basis  across  all  lines  of 
business  within  both  companies,  they 
say.  The  Lucent  and  Sun  alliance  is 
pursuing  joint  sales  activities  in  the 
areas  of  IP  Centrex,  CRM,  mobile 
high-speed  data,  and  business-conti¬ 
nuity  systems  and  services. 


SUNNYVALE,  CALIF —  Juniper  Networks 
this  week  is  unveiling  a  plan  designed  to  let 
service  providers  profitably  address  under¬ 
served  markets  without  commoditizing 
their  offerings. 

Supporting  the  framework  are  several 
new  products  Juniper  will  roll  out  later  this 
month  and  early  next  year. 

Juniper’s  concept  is  called  the  Model 
for  Integrated  Network  Transformation 
(MINT).  MINT  attempts  to  let  service  pro¬ 
viders  address  large  and  niche  markets  by 
scaling  their  offerings  to  appeal  to  con¬ 
sumers,  low-end  businesses,  and  mid-  to 
high-end  businesses. 

But  with  scale  comes  commodity  pricing 
and  lack  of  profits. So  MINT  also  proposes  a 
model  whereby  service  providers  generate 
profit  through  service  customization  and 
added  value  as  they  scale  their  services  to 
address  markets  that  are  untapped  or 
underaddressed. 

“We  want  it  to  be  a  framework  for  the 


industry’  says  Christine  Heckart,  vice  presi¬ 
dent  of  marketing  for  Juniper.  Heckart  says 
MINT  applies  techniques  considered  “best 
practices”  for  voice  within  the  data  network 
industry. 

Juniper  says  it  would  like  MINT  to  create 
demand  for  Juniper  products  by  demon¬ 
strating  how  service  providers  can  derive 
profitability  from  data  services,  especially 
IP  services.  Research  firm  RHK  in  August 
showed  that  while  Internet  traffic  grows  at 
an  annual  rate  of  100%,  revenue  grows  at 
only  17%. 

The  MINT  framework  encompasses  basic 
transport  and  connectivity  at  its  founda¬ 
tion,  and  policy  and  control  at  its  peak.  In 
between  are  resource  segmentation  and 
packet  processing.  The  layers  of  MINT  are 
interdependent. 

The  transport  and  connectivity  layer,  nat¬ 
urally,  encompasses  Juniper’s  edge  and 
core  IP  routers. The  resource  segmentation 
layer  suggests  creation  of  a  service  inde¬ 
pendent  resource  pool  by  using  Multi-pro¬ 
tocol  Label  Switching  (MPLS)  to  partition 


Why  transform? 

Juniper’s  rationale  for  its  MINT 
framework. 

•  Current  revenues  under  pressure 

from  a  facilities-centric  model,  which: 

-  Is  capital-intense. 

-  Forces  scale  addiction. 

-  Encourages  commoditization. 

•  New  services  hard  to  roll  out. 

Today's  services  are  inflexible  and 
difficult  to  up-sell.  New  markets 
are  underaddressed  because  of 
inappropriate  operations  models. 

•  Profit-centric  model  needed 

to  resolve  scale/profit  conflict  and 
inject  a  fresh  operations  model. 

ATM,  frame  relay  private  line,  voice,  IP  and 
public  Internet  assets  into  virtual  overlays. 
The  IP  overlays  would  support  the  scale 

MINT,  page  40 
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Optical  subsets  up  while  market  slumps 


■  BY  JIM  DUFFY 

Leading  research  firms  recently 
released  figures  and  made  state 
ments  indicating  that  certain  sub¬ 
sets  of  the  worldwide  optical- 
hardware  market  are  experienc¬ 
ing  healthy  growth  while  the 
overall  market  languishes. 

In  the  long-haul,  revenue  will 
decrease  by  50%  this  year  from 
last  and  remain  relatively  flat  until 
about  2007,  according  to  Probe 
Research.  A  slight  improvement 


MINT 

continued  from  page  39 

to  address  lucrative  underserved 
markets,  Juniper  says,  while  the 
consolidated  overlays  —  ATM/ 
frame,  private, voice  and  others  — 
would  collapse  “conventional” 
services  for  more  mainstream 
markets. 

The  packet-processing  layer 
would  filter,  prioritize,  encrypt 
and  classify  packets  according  to 
user  need,  and  the  policy  and 
control  layer  would  map  users  to 
customized  services  and  to  back- 
office  accounting  and  billing 
applications.  For  example,  a  user 
request  for  on-demand  video 
would  activate  increased  band¬ 
width  and  packet  priority,  Juniper 
says,  while  generating  the  associ¬ 
ated  billing  records. 

Products  associated  with  the 
MINT  framework  include: 

•  A  second  generation  of  ATM 
physical  interface  cards  (PIC)  for 
Juniper  M-series  and  T-series 
routers,  and  IPv6  capabilities  for 
the  vendor’s  ERX  edge  router. 

•  IPv6  VPN  and  transparent 
LAN  support  on  the  routers. 

•  New  PICs  with  a  processor 
dedicated  to  packet  queuing. 

•  Integration  of  third-party  op¬ 
erations  support  system  applica¬ 
tions  with  Junipers  SDX  policy 
manager. 

The  so-called  ATM2  PICs  in¬ 
clude  one-  and  two-port  OC-12 
and  two-port  OC-3  interfaces. 
They  perform  per  virtual  cir¬ 
cuit/virtual  path  shaping  and 
rate  limiting,  queuing  and  classi¬ 
fication  features  such  as  weight¬ 
ed  round  robin  and  random 
early  discard,  and  Layer  2  to 
Layer  3  priority  mapping  across 
MPLS  backbones. 

The  IPv6  addition  to  the  ERX 
router  supports  Version  3  of  Open 
Shortest  Path  First  protocol.  Jun¬ 
iper  already  has  IPv6  support  for 


might  occur  in  2004  but  not 
enough  to  reach  2001  revenue 
levels,  when  long-haul  accounted 
for  51%  of  the  total  optical  mar¬ 
ket,  Probe  says. 

Infonetics  Research,  meanwhile, 
says  that  after  declines  in  2003 
and  2004,  worldwide  revenue  for 
the  optical-hardware  market  over¬ 
all  will  be  slightly  up  in  2005. 

For  the  third  quarter,  the  world¬ 
wide  optical-hardware  market 
was  down  14%  from  last  quarter, 
according  to  Infonetics  and  its 


Border  Gateway  Protocol  and 
Intermediate  System-to-Intermedi- 
ate  System  routing  protocol. 

Transparent  LAN  capabilities 
will  emerge  next  year  in  Juniper 
routers  to  support  Layer  2  virtual 
private  line  service  offerings  from 
carriers. 

The  PICs  with  the  new  Q-series 
queuing  processor  include 
one-port  channelized  OC-12,  10- 
port  channelized  E-l  and  four- 
port  channelized  DS-3  to  emerge 
in  the  first  quarter  of  2003;  and 
Gigabit  Ethernet  at  a  future  date. 

Heckart  acknowledges  that 
MINT  will  be  one  of  several  ser¬ 
vice  provider  profitability  frame¬ 
works  to  emerge  from  a  handful 
of  vendors.  Cisco  already  has 
articulated  its  desire  to  take  ser¬ 
vice  providers  beyond  commod¬ 
ity  connectivity  and  into  value- 
added  services. 

She  says  that  there’s  “still  a  lot  of 
work  to  do”  with  regard  to  inte¬ 
gration  of  non-Juniper  products 
into  MINT.  Yet, she  says  that  imple¬ 
menting  even  one  of  four  opera¬ 
tional  layers  of  MINT  will  be  a 
“leap”  from  where  service  pro¬ 
viders  are  today  in  deriving  prof¬ 
itability  from  data  services. 

Analysts  say  Juniper  might  be 
best  served  by  focusing  on  its 
internal  product-line  integra¬ 
tion.  Juniper  has  yet  to  say  how 
it  plans  meld  the  Unisphere  Net¬ 
works  edge  routers  acquired 
last  May  —  and  upon  which 
much  of  MINT  relies  —  cohe¬ 
sively  with  its  M-series  and  T- 
series  routers. 

“Juniper  needs  to  address  in 
more  detail  how  it  plans  to  rec¬ 
oncile  the  ERX  series  with  the  M- 
series, since  rivals  will  accent  the 
emerging  overlap  between  the 
two  lines  to  sow  confusion  about 
the  Juniper  IP  service  edge  prop¬ 
osition,”  said  Ron  Westfall,  an 
analyst  at  Current  Analysis,  in  a 
recent  report.  ■ 


competitor,  Dell’Oro  Group. 

Both  companies  tally  long- 
haul  and  metropolitan  wave¬ 
length  division  multiplexing 
(WDM),  SONET/synchro- 
nous  digital  hierarchy  (SDH) 
and  optical  switching  sys¬ 
tems,  while  Infonetics  adds 
passive  optical  networking 
(PON)  devices  to  its  optical 
hardware  mix.  Infonetics 
says  the  worldwide  revenue 
totaled  $2.26  billion.  Dell’- 
Oro’s  count,  which  doesn’t 
include  PON  devices,  had  it 
at  $1.64  billion. 

The  optical-hardware  mar¬ 
ket  is  and  will  continue  to  be 
propped  up  by  the  metropol¬ 
itan  optical  systems,  Info¬ 
netics  says,  which  comprised 
64%  of  optical  hardware 
sales  in  the  third  quarter. 
Within  that  market,  intelligent 
metropolitan  systems  —  which  at 
$1.6  billion  in  the  third  quarter 
accounted  for  69%  of  metropoli¬ 
tan  optical  revenue  and  72%  of  all 
optical-hardware  revenue  —  will 
experience  the  most  growth,  the 
firm  says. 

Infonetics  defines  intelligent 
optical  gear  as  data-aware  equip¬ 
ment  with  remote  configuration 
and  remote-service  provisioning 
that  can  be  deployed  in  mesh, 
star  and  ring  topologies  for  rapid 
buildout  and  revamp.  This  con¬ 
trasts  with  legacy  SONET/SDH 
equipment  that  only  can  be 
deployed  in  a  ring  configuration, 
is  optimized  for  voice  and  TDM 
traffic,  requires  multiple  systems 
for  cross-connection  and  add/ 


Internal  growth 

The  intelligent-metro  subset  of 
the  worldwide  optical  hardware 
market  is  expected  to  grow  over 
the  next  year,  while  the  overall 
market  is  expected  to  decline. 

$10.2B 
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■  Intelligent  metro  optical  hardware  revenue 

■I  Total  optical  hardware  revenue 

SOURCE: INFONETICS  RESEARCH 

drop  multiplexing  functions,  and 
requires  lengthy  and  cumber¬ 
some  circuit  provisioning. 

While  the  total  metropolitan 
market  is  down  8%  in  the  third 
quarter,  intelligent  metro  is  down 
only  5%,  Infonetics  says.  SONET/ 
SDH  still  outpaces  WDM  sales  by 
a  more  than  2-to-l  ratio,  represent¬ 
ing  70%  of  total  spending  in  the 
third  quarter,  while  WDM  is  29% 
and  PON  l%,the  firm  says. 

SONET/SDH  equipment  ac¬ 
counted  for  67%  of  the  total  mar¬ 
ket  in  the  third  quarter,  according 
to  Dell’Oro.  There  also  was  some 
changing  of  the  SONET  guard  in 
the  third  quarter:  Lucent  and 
Siemens  vaulted  to  the  top  of  the 
list  in  SONET/SDH  from  middle  of 
the  pack. 


Lucent  jumped  to  No.  1 
from  No.  3,  and  Siemens 
leaped  to  No.  2  from  No.  5. 
Lucent  replaces  Alcatel  in 
the  top  spot  while  Siemens 
supplants  Nortel  at  No.  2. 

Siemens  was  the  only  ven¬ 
dor  with  sequential  growth 
in  SONET/SDH.The  vendor’s 
revenue  increased  19%  from 
the  second  quarter,  while  Lu¬ 
cent’s  declined  by  13%,  Dell’- 
Oro  says.  Nortel’s  SONET/ 
SDH  revenue  declined  22%. 

Looking  to  next  year,  In¬ 
fonetics  expects  a  7%  year- 
to-year  growth  in  intelligent 
metropolitan  optical  rev¬ 
enue  —  from  $4. 1  billion  to 
$4.4  billion  —  while  rev¬ 
enue  in  most  optical  cate¬ 
gories  will  decline. 

The  total  optical  market 
will  decline  12%  in  2003  from 
2002,  from  $10.2  billion  to  $9.0  bil¬ 
lion,  according  to  Infonetics. 

Why  all  the  activity  in  metropol¬ 
itan  and  intelligent  metropolitan 
optical?  Infonetics  and  Probe  say 
that  the  long-haul  optical  net¬ 
works  of  carriers  are  built  out  or 
even  overbuilt  because  of  unreal¬ 
istic  projections  in  the  growth  of 
IP  traffic.  Probe  also  notes  that  sev¬ 
eral  large  long-haul  carriers  are 
bankrupt  or  financially  unstable. 
This  will  lead  to  consolidation  in 
the  carrier  and  optical  equipment 
vendors  ranks,  Probe  says.  Other 
factors  affecting  long-haul  optical 
and  the  industry  as  a  whole  are 
investor  distrust  in  telecom  ser¬ 
vice  providers  and  their  equip¬ 
ment  vendors.  ■ 


Q  A 

VocalTec 

continued  from  page  39 

costs.Today  they  are  paying  quite  a  bit  of 
money  on  long-distance,  domestic  phone  calls. 
Now  some  companies  are  . . .  pushing  a  dis¬ 
placement  of  PBXs  by  introducing  IP  PBXs. 

Most  organizations  don’t  like  that  today 
because  it  is  a  displacement  of  a  reliable  prod¬ 
uct  that  they  like  which  has  not  amortized  itself 
yet.  Our  proposition  to  them  would  be  to  add 
on  a  customer  premises  equipment  gateway  as 
an  adjunct  to  their  PBX.Then  suddenly  from 
your  regular  phone  in  the  office, you  may  dial 
four  or  five  digits  to  any  employee  in  the  organi¬ 
zation  worldwide,  without  extra  cost. 

What  should  the  concerns  be  about  voice  quality? 
Aren’t  service-quality  guarantees  necessary? 


They  are  necessary  for  Cisco  to  be  able  to  sell 
their  products.  Obviously,  they  want  to  differenti¬ 
ate.  but  the  fact  of  life  is  that  there  are  ways  of 
guaranteeing  and  improving  quality  using  the 
public  Internet  that  will  continue  improving. 

Can  those  ways  of  improving  it  be  done  from 
the  edge? 

Yes.The  system  is  checking  connection  qual¬ 
ity  by  pinging  delay  and  congestion  on  that  par¬ 
ticular  Internet  route.  It  has  the  time  to  divert 
the  call  via  another  channel  over  the  open 
Internet,  or  if  it  still  cannot  find  anything  it  will 
bounce  it  back  onto  a  switched  network. 

What  can  the  dialing  switch  do  to  determine  what 
path  traffic  takes  through  the  Internet9 

You  have  different  gateways  in  different  loca¬ 
tions.  And  the  gatekeeper  is  doing  mapping  so 
it  can  determine  where  to  route  the  call  if  an¬ 
other  route  is  congested.  ■ 
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PeopleSoft  Customer  Relationship  Management  lets  you  capitalize  on  every 
customer  interaction  across  your  enterprise. 


Only  PeopleSoft  CRM  provides  real-time  information  on  all  aspects  of  your  customer  relationships.  It  integrates 
business  processes  seamlessly  across  your  organization  to  determine  the  most  profitable  ways  to  manage 
customers.  Simply,  PeopleSoft  CRM  turns  every  point  of  customer  contact  into  a  profit  opportunity. 


Learn  more  by  visiting  us  atwww.peoplesoft.com/crm  or  call  1-888-773-8277. 


©2002  PeopleSoft,  Inc.  PeopleSoft  is  a  registered  trademark  of  PeopleSoft,  Inc. 
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Find  confidence  in  the  midst  of  chaos. 


Focus  on  the  best  in  network  security,  every  step  of  the  way. 


Start  with  a  secure  foundation. 

Our  operating  system,  IPSO,  is  built  from  the  ground  up  for  security. 
It  eliminates  many  vulnerabilities  common  to  general-purpose 
servers,  and  also  incorporates  our  patented  IP  Clustering  technology. 
Multiple  Nokia  security  appliances  can  be  linked  as  one,  on  the  fly, 
for  new  levels  of  performance,  reliability  and  scalability. 


Integrate  the  best  in  network  security  expertise. 

Partners  like  Check  Point  Software  Technologies,  Internet  Security 
Systems  and  F5  help  us  deliver  the  full  capabilities  of  their  VPN, 
firewall,  intrusion  protection,  and  Internet  traffic  management 
applications.  To  learn  about  the  other  ways  we  give  our  customers 
greater  peace  of  mind,  just  visit  www.nokia.com/ipsecurity/na. 
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Update 

■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


ESP  over  Fibre  Channel  secures  SANs 


Solving  security  concerns 


In  an  untrusted  Fibre  Channel  network,  the  end  points  implement 
Encapsulating  Security  Payload  (ESP)  to  encrypt  traffic. 


Storage  array 


c 

c 

-  Disk  A 

\  / 

Encrypted  data  frames 

D 

D 

_  Disk  B 

Encrypted 
control  frame 

Encrypted 
control  frame 

DiskC 


All  traffic  is  encrypted 


There  are  three  ©  Control  frames  are  not  o  Control  frames  are  encrypted,  ©  Both  control  frames  and 
options  with  ESP  encrypted,  but  data  frames  but  data  is  not.  This  is  a  cost-  data  frames  are  encrypted, 

over  Fibre  Channel:  are.  This  requires  a  effective  software  solution  that  This  requires  hardware  on 

hardware-based  approach.  works  with  host  bus  adapters.  all  nodes. 


■  BY  GANESAN  CHANDRASHEKHAR 

Storage-area  networks  were  once  closed 
and  relied  predominantly  on  physical 
protection  to  ensure  security.  However,  as 
SANs  become  more  distributed  and 
remotely  accessible,  security  concerns 
are  growing. 

Fibre  Channel  has  limited  security  ser¬ 
vices.  Commonly  used  schemes  such  as 
zoning  and  logical-unit-number  masking 
provide  some  level  of  access  control,  but 
without  authentication  of  hosts  or  users 
connected  to  the  fabric,  they  cannot  pre¬ 
vent  host  spoofing,  message-replay  attacks 
or  unauthorized  entity  fabric  access. 

The  Fibre  Channel  standardization  body 
(T-ll)  has  initiatives  to  enhance  Fibre 
Channel  security  by  defining  protocols  to 
address  access  issues  —  supporting  au¬ 
thentication,  data  encryption  and  manage¬ 
ment  of  security  information. 

One  such  scheme  is  Encapsulating  Se¬ 
curity  Payload  (ESP)  over  Fibre  Channel, 
which  has  become  the  de-facto  way  to  se¬ 
cure  transmissions  in  the  Fibre  Channel 
network.This  scheme  is  flexible  enough  to 
let  administrators  decide  which  type  of 
messages  (control  frames  or  data  frames) 
to  secure. 

ESP  can  secure  communications  be¬ 
tween  any  two  entities  in  a  fabric  by  pro¬ 
viding  message  authentication  and  option¬ 
al  confidentiality.  It  is  widely  deployed  in 
the  IP  world,  and  the  IETF  iSCSI  proposal 
specifies  it  for  link  security 

Fibre  Channel  specifies  a  maximum 
transmission  unit  of  2,112  bytes, and  longer 
transfers  are  segmented  into  sequences. 
Typically,  storage  protocols  use  2,048-byte 
frames,  so  there  is  some  headroom  for  the 
ESP  header  and  trailer. 


To  deter  session-key  brute-force  attacks, 
ESP  implementations  must  have  key  life¬ 
times  based  on  amount  of  data  transfer 
and  number  of  packets  allowed  per  key 
Rekeying  enables  an  automatic  and  secure 
exchange  of  new  keys. 

At  the  recent  T-l  1  Fibre  Channel-Security 
Protocols  committee  meeting,  the  shared- 
password  protocol  Diffie-Hellman  Key  En¬ 
cryption  Protocol-Challenge  Handshake 
Authentication  Protocol  (DH-CHAP)  was 
unanimously  accepted.  This  shared-pass¬ 
word  rekeying  scheme  does  not  need  cer¬ 
tificates,  but  requires  acceptable  pass¬ 
word  practices  (128  bits  and  nontext  char¬ 


acters)  to  avoid  attacks.  Shared-password 
administration  can  be  simplified  by 
offloading  to  a  centralized  Remote  Au¬ 
thentication  Dial-In  User  Service  device. 

By  deploying  periodic  host  authentica¬ 
tion  and  authorization  schemes  for  all  fab¬ 
ric  entities,  spoofing  can  be  prevented  and 
access  can  be  restricted  to  defined  storage 
resources. 

The  most-secure  deployment  is  achieved 
when  each  node  in  the  SAN  implements 
ESP  for  all  traffic,  control  and  data.  How¬ 
ever,  this  might  be  an  expensive  approach, 
because  it  requires  hardware  assistance 
from  all  nodes  because  of  performance 


impact. 

A  software  solution  (HBA  driver,  for 
example)  for  message  authentication  is 
cost-effective  when  only  control  frames 
need  to  be  secured  —  not  encrypting 
application  data. 

If  data  path  security  (full  encryption)  is 
desired,  it  will  be  application-dependent. 
Transaction  processing  applications  are 
latency  sensitive, while  e-commerce  data¬ 
bases  or  data  mining  require  high  through¬ 
put.  Latency  might  not  affect  secondary 
storage  applications.  As  such,  a  hardware- 
based  approach  would  best  meet  all  these 
performance  requirements. 

Key  management  will  be  an  important 
consideration.  For  example,  high  Fibre 
Channel  data  rates  quickly  wrap  over  the 
ESP  sequence-number  window  and 
prompt  frequent  rekeying.  The  Fibre 
Channel  standards  body  will  need  to 
address  this  issue,  possibly  by  increasing 
the  sequence-number  window  size.  Se¬ 
cure  mechanisms  for  storing  private  keys 
and  secret  passwords  at  the  host  are 
required,  which  might  include  using  pro¬ 
tected  memory  or  smart  cards. 

ESP  is  a  well-defined  and  well-under¬ 
stood  protocol  for  securing  data  in  flight. 
DH-CHAP  complements  ESP  by  providing 
a  needed  entity  authentication  and  key 
exchange  mechanism  for  Fibre  Channel 
SANs.  Fibre  Channel-Security  Protocol 
does  not  address  securing  data  at  rest.This 
is  an  outstanding  issue  as  corporate-sensi¬ 
tive,  trusted  or  regulated  persistent  data  is 
taken  off-site  or  consolidated  via  data  repli¬ 
cation  and  backup. 

Chandrashekhar  is  a  technical  staff 
member  at  NeoScale  Systems.  He  can  be 
reached  at  shekhar@neoscale.com. 


Dr.  Internet  By  Steve  Blass 

We  have  a  300-workstation  network  with  a 
Windows  2000  server,  two  domain  controllers,  a 
SQL  2000  database  server,  Linux  Web  server  and 
ISA  firewall.  We've  been  asked  to  segment  the 
database  server  onto  a  separate  network  so 
only  certain  staff  members  can  access  it.  We 
also  want  to  install  a  second  ISA  server  and  cre¬ 
ate  an  internal  demilitarized  zone.  Some  staff 
members  use  the  same  computers  all  the  time, 
so  we  need  to  allow  access  to  the  DMZ  based  on 


client  IP  address.  For  those  who  use  different 
workstations,  we  want  to  create  VPN  connection 
icons  on  their  desktops  so  they  can  dial  into  the 
DMZ  network. 

How  do  we  set  up  the  DMZ  ISA  server  to  allow 
access  based  upon  client  IP  addresses?  Also, 
how  do  we  configure  it  so  servers  inside  the  DMZ 
can  have  full  access  to  internal  network  re¬ 
sources  while  keeping  out  unauthorized  connec¬ 
tions  from  the  network? 


Start  ISA  Management  and  enable  packet  filter¬ 
ing  and  IP  routing  using  the  properties  dialog  in 
the  IP  Packet  Filters  section  under  Access  Policy 
for  the  ISA  server  name.  Configure  your  filtering 
rules  to  define  the  client  and  server  traffic  al¬ 
lowed  across  the  internal  DMZ  network  boundary. 

Blass  is  a  network  architect  at  Change@ 
Work  in  Houston.  He  can  be  reached  at 
dr.internet@changeatwork.com. 


o  restore  critical  data 


Is  partial  bad 


Annoying  error  messages 


System  crashed  on  unsaved  document 
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Managing  desktop  reliability  can  be  challenging. 
That’s  why  there’s  Windows  XP  and  Office  XP. 


Recognize  any  of  those  issues?  Or,  perhaps,  all  of  them?  We 
thought  so.  That’s  why  we’ve  made  Microsoft*  Windows*  XP 
Professional  and  Microsoft  Office  XP  Professional  the  most 
reliable  desktop  we’ve  ever  built.  Want  specific  examples? 


[  aorkttl  llrts  yystetday 


Unintelligible  ei 


Accidentally  deleted  all  fil 


Windows  XP  Professional  has  an  average  system  uptime  that  is 
10  times  better  than  Windows  98  SE,  and  3  times  better  than 
Windows  NT  4.0,  so  there  are  fewer  work  stoppage  incidents. 
With  AutoRecovery,  Office  XP  Professional  automatically  saves 


the  current  document,  spreadsheet,  or  presentation  at  the  time 
an  application  stops  responding,  so  users  don’t  lose  all  their  work 
(and  don’t  call  the  helpdesk  looking  for  it).  Want  more  reasons  to 
upgrade?  Visit  microsoft.com/desktop 
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ISAPI,  ISAPI  filters  and  finally  ASP 


A  correction  is  in  order  Two  weeks  ago 
we  wrote  that  “the  Windows  Task 
Scheduler  . . .  only  allows  a  minimum 
repeat  interval  of  24  hours,”  and  we  were 
wrong.  Despite  having  used  the  scheduler 
several  times,  we  moved  too  fast  to  notice 
the  checkbox  that  reads:  “Open  advanced 
properties  for  this  task  when  I  click  finish.” 
Had  we  done  so  we  would  have  found  that 
we  could  schedule  down  to  minutes.  Of 
course  we  couldn’t  schedule  “the  second 
Tuesday  of  every  month”  but  that’s  a  differ¬ 
ent  complaint. 

Anyway,  last  week  we  started  to  talk 
about  Microsoft’s  Active  Server  Page 
(ASP)  technology,  got  into  the  company’s 
Internet  Server  Application  Programming 
Interface  (ISAPI)  and  wound  up  in  a  dis¬ 
cussion  about  thread-safe  programming. 
Who  could  ask  for  more? 

In  our  discussion  of  thread-safe  program¬ 
ming,  we  covered  the  issues  of  race  condi¬ 
tions,  deadlocks  and  priority  failures  but 
had  to  stop  before  we  made  it  to  the  prob¬ 


lem  of  starvation  failures. 

This  final  requirement  for  thread-safe  pro¬ 
gramming  is  about  avoiding  the  situation 
that  occurs  when  threads  cannot  execute 
within  whatever  limiting  period  is  re¬ 
quired.  For  example,a  thread  that  provides 
data  to  a  client  (for  example,  a  response  to 
a  request  from  a  Web  browser)  might  have 
to  do  so  before  the  client  (the  browser) 
times  out.  Starvation  occurs  when  that 
timeout  is  exceeded  (and  the  user  of  the 
browser  gets  a  404),  because  the  thread 
doesn’t  get  enough  time  to  run  to  comple¬ 
tion  and  provide  a  response. 

So  a  thread-safe  environment  is  what 
ISAPI  attempts  to  create  to  support  multi¬ 
ple  requests  from  Web  clients  to  minimize 
resource  usage.  Typically  ISAPI  is  signifi¬ 
cantly  faster  than  the  same  process  imple¬ 
mented  using  the  Common  Gateway 
Interface  (CGI)  not  only  because  of  thread¬ 
ing,  but  because  ISAPI  DLLs  don’t  get 
loaded  and  unloaded  for  each  request. 
CGI,  on  the  other  hand,  requires  a  new 
instance  of  the  CGI  application  to  be 
loaded  when  each  request  is  received  and 
then  unloaded  when  it  finishes  (yes,  there 
is  FastCGI  but  that’s  not  a  great  improve¬ 
ment  or  generally  applicable). 

ISAPI  has  some  interesting  advantages 
over  CGI.  And  one  thing  that  can  be  done 
with  ISAPI  is  to  create  ISAPI  filters,  custom 


A  thread-safe  environment 
Is  what  ISAPI  attempts  to 
create  to  support  multiple 
requests  from  Web  clients 
to  minimize  resource 
usage. 


DLLs  that  are  called  for  every  HTTP  request 
(rather  than  being  called  specifically) 
before  the  Web  server  does  anything  with 
the  request. 

This  means  that  an  ISAPI  filter  can  be 
used  to  do  anything  with  HTTP  requests 
that  ranges  from  controlling  user  access 
and  logging  activity  to  responding  to  the 
request  in  any  way  you  please. 

ASP  is  a  technology  based  on  ISAPI  filter¬ 
ing  that  is  designed  for  programming  Web 
applications.  The  ASP  ISAPI  filter,  called 
ASPDLL,  operates  only  on  pages  that  have 
the  ASP  extension,  which  it  identifies  by 
examining  each  HTTP  request.  If  the  re¬ 
quest  is  for  an  ASP  file,  then  ASPDLL  gets 
involved. 

On  receipt  of  a  request  for  an  ASP  the 
ASP  module  examines  the  page  contents, 
determines  which  scripting  languages  to 


use,  loads  the  DLLs  for  the  scripting  lan¬ 
guage  interpreters,  passes  the  scripts  to  the 
interpreters  and  passes  the  results  (if  any) 
to  the  Web  server  to  be  sent  back  to  the 
device  that  made  the  request. 

Here’s  a  simple  ASP  page,  hello.asp: 

<%@  LANGUAGE  =  VBScript  %> 

<html> 

<head> 

<title>Yo-yo,  ding-dong.</title> 

</head> 

<body> 

Hello  World!  The  server’s  time  is  now 
<%=TimeO%>. 

</body> 

</html> 

This  pathetic  piece  of  code  starts  off  by 
telling  the  ASP  handler  that  we’re  using 
VBScript.  This  is  indicated  by  <%@  LAN¬ 
GUAGE  =  VBScript  %>.  Anything  in  the“<% 
...  %>“  tag  is  considered  to  be  ASP  code. 

The  only  thing  that  this  ASP  page  actually 
does  is  to  replace  the  tag  “<%=Time()%>“ 
as  the  page  is  interpreted  with  the  server’s 
time.The  result  in  the  requesting  browser  is 
a  window  titled  “Yo-yo,  ding-dong.”  that  con¬ 
tains  the  text“Hello  WorldlThe  server’s  time 
is  now  3:44:53  p.m.” 


Next  week ,  we’ll  try  to  get 
more  exciting.  Requests  to 
gearhead@  gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


The  recent  Fall  2002  Comdex  show  in  Las  Vegas  was  a 
rather  low-key  event;  it  seemed  that  more  people 
wanted  to  do  business  than  watch  any  over-the-top 
booth  demonstrations  (nary  a  bikini  or  magician  in  sight). 
Still,  there  was  plenty  to  get  excited  about  in  the  world  of 
gizmos  and  gadgets.  Here’s  a  list  of  the  coolest  stuff  I  saw  at 
the  show: 

BlackBerry  6510  from  Nextel:  This  new  phone,  PDA  and 
wireless  email  combination  device  is  practically  here  — 
shipments  to  Nextel  channels  begin  this  month  and  will  be 
generally  available  by  next  month.  The  device  includes 
Nextel’s  Direct  Connect  walkietalkie  feature  (the  but¬ 
ton  is  on  the  top)  and  runs  on  Nextel’s  national  net¬ 
work.  Other  features  include  an  embedded  key¬ 
board  that  connects  you  to  your  corporate  e-mail 
(Microsoft  Exchange  or  Lotus  Notes),  a  built-in 
speaker  and  microphone  (you  can  hold  the  device 
up  to  your  ear  like  a  mobile  phone),  and  Java  capa¬ 
bilities  that  let  you  download  business  applications 
(or  games)  to  the  phone. 

The  device  costs  $500  (plus  monthly  service  fees);  go 
to  www.nextel.com/blackberry  for  more  information. 

Microsoft  Smart  Displays:  I’m  still  on  the  fence  on 
whether  these  displays  are  the  coolest  things  in  years  or 
if  it's  just  hvpe.The  devices  are  cool, yet  the  price  might 
be  too  high  for  them  to  make  an  impact. 

The  Smart  Displays  work  like  this: They  connect  to  your 
desktop  PC  and  act  like  a  monitor.  If  you  want  to  move  to 


Chilling  out  at  Comdex 


a  different  room,  you  can  disconnect  the  monitor,  and  it 
acts  like  a  flat-panel  tablet  (you  can  use  a  digital  pen/sty¬ 
lus  to  write  on  the  screen).The  CPU  is  still  in  the  PC  in  the 
first  room, but  the  monitor  uses  802.1  lb  wireless  LAN  tech¬ 
nology  to  send  signals  back. 

The  first  company  out  of  the  gate  with  a  Smart  Display  is 
ViewSonic,  which  plans  to  sell  its  airPanel  devices  for 
$1,000  (for  the  10.4-inch  vllO  model)  and  $1,300  (for  the 
15-inch  vl500  model).  Microsoft  says  Smart  Display  will  be 
available  Jan.  8. 

Here’s  the  issue  —  the  Smart  Displays  might  be  able  to 
give  you  this  freedom, but  you  can  do  the  same  things  with 
a  notebook  connected  to  a  wireless  network  for  about  the 
same  price.  For  one-desktop  homes, a  Smart  Display  might 
be  a  better  option. More  information  on  the  Smart  Dis¬ 
plays  can  be  found  at  www.microsoft.com/windowsxp 
/smartdisplay. 


ViewSonic’s 
airPanel  acts  like 
a  wireless  monitor. 


The  BlackBerry 
6510  combines  the 
walkie-talkie  with 
wireless  e-mail. 

Hewlett-Packard’s 
iPaq  h5450:  The  newest 
Fbcket  PC  entrant  from  HP 
combines  several  connectiv¬ 
ity  features  and  packs  them 
into  a  powerful  device.  The  h5450 
includes  integrated  802.11b  technology  and  integrated 
Bluetooth  to  let  users  decide  how  to  connect  their  devices 
to  the  network.  It  also  includes  an  integrated  biometrics 
fingerprint  scanner  to  let  users  secure  access  to  the  device. 

It  is  the  first  iPaq  to  include  a  removable  rechargeable 
battery,  which  users  have  requested.  Other  features  include 
64M  bytes  of  RAM,  20M  bytes  of  storage  (flash  storage),  a 
Secure  Digital  I/O  (SDIO)  expansion  slot,  and  a  TFT  display 
The  h5450  runs  on  a  400-MHz  Intel  xScale  processor  and 
will  cost  $700.  The  device  should  be  available  now;  go  to 
www.hp.com  for  more  details. 

Veo  Photo  Traveler  Finally,  the  most  practical  and  inex¬ 
pensive  accessory  for  the  new  Palm  Tungsten  T  PDA  was 
Veo’s  Photo  Traveler. The  device  snaps  into  the  Palm’s  SDIO 
slot  and  acts  as  a  camera  for  the  device.  It  automatically 
installs  drivers  into  the  device  after  you  snap  it  in,  and  takes 
24-bit  color  photos  at  640-by480  (VGA)  pixel  resolution. 
The  device  costs  $100. 

For  field  service  workers  (or  even  insurance  or  real-estate 
workers)  who  need  quick  photos  at  a  low  resolution  ,  this 
device  can  be  an  inexpensive  alternative  to  a  digital  cam¬ 
era.  Go  to  www.veo.com/Traveler_Palm/default.asp  for 
more  details. 

If  you  want  to  see  some  of  these  and  other  products  that 
wowed  me  at  Comdex,  go  to  www.nwfusion.com,  Doc- 
Finder  3335,  for  video  highlights  of  the  show. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Fastlron  Edge  Switches  let  you  do  more  with  less.  Compact  form.  Immense  capabilities. 

•  "  ;  *  - 

Fastlron  Edge  Stackables  pack  more  power  into  your  wiring  closet  than  any  other  switch.  They  give  you 
tunable  functionality,  configurable  security,  and  simplified  management.  The  96-port  model  has  twice 

i 

the  port  density  of  the  nearest  competitor.  With  a  common  user  interface,  standard-based  network 
management  support,  redundant  and  hot-swappable  power  supplies,  and  a  common  software  suite,  the 
Fastlron  Edge  switches  give  you  the  lowest  total  cost  of  ownership  and  the  highest  investment  value  of 
all  the  major  switches.  Get  a  competitive  edge — get  a  Fastlron  Edge  Switch.  Call  1  .888.TURBOLAN 
(887-2652)  or  www.foundrvnetworks.com/fes. 
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No  matter  the  size  of  your  company,  we’ve  got  a  server  that  fits.  Dell  PowerEdge  servers  grow  with  your  business,  minimize  downtime,  are  easy  to  Inteyratr  ;,:i :  even 


easier  to  support.  No  matter  what  your  business  needs  -  from  file/print  to  database  management  -  you  can  choose  the  sewer  that  is  right  for  you.  And, 
by  dealing  direct  with  Dell,  you  get  a  system  customized  to  fit  your  business  needs,  at  an  affordable  price,  backed  by  our  award-winning  service  and 
support.  It's  a  nice  mix  of  exactly  the  server  you  need  with  exactly  the  server  you  want. 


same-as-cash  j 


Dell  Rated  #1  in  Intel-Based  Server  Satisfaction 

Technology  Business  Research 
Corporate  IT  Buying  Behavior  and  Customer  Satisfaction  Study 

1st  Quarter  2002 
-June  2002 


Dell  |  Small  Business 


PowerEdge™  600SC  Server 

NEW  Entry-Level  Server  with  Performance  Features 

•  Intel®  Pentium®  4  Processor  at  1 ,80GHz 

•  128MB  200MHz  ECC  DDR  SDRAM 

•  Upgradeable  to  4GB  of  Memory 

•  20GB5  (7200  RPM)  IDE  Hard  Drive 

•  Upgradeable  to  480GB5  of  Internal  Hard  Drive  Storage 

•  Embedded  Intel®  PRO  Gigabit5"  NIC 

•  Five  PCI  Expandability  Slots  (4-64/33MHz,  1-32/33MHz) 

•  1-Yr  24x7  Dedicated  Server  Phone  Tech  Support 

•  1-Yr  Next  Business  Day  On-Site  Service3 

as  low  as  $20/mo„  (46  pmts.3”) 

60  Days  Same-As-Cash 

E-VALUE  Code:  14461 -S21206s 
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60  Days  Same-As-Cash 
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Are  you  an 
early  adopter? 

Finding  leading-edge  network  shops  isn’t  as  easy  as  it 
used  to  be  —  and  it's  not  because  they  don’t  exist. 
Partly  to  blame  is  the  demise  of  national  user  organi¬ 
zations  that  gave  network  executives  a  high-profile  way  to 
showcase  their  efforts.  Increasingly  paranoid  corporate 
policies  about  discussing  IT  projects  in  public  or  with  the 
press  also  are  a  factor. 

But  perhaps  the  biggest  issue  is  that  so  many  companies 
don’t  want  to  be  seen  as  being  risk  takers  in  a  time  of 
extreme  fiscal  conservativeness.  After  all, survey  after  sur¬ 
vey  shows  that  IT  budgets  continue  to  be  tight.  And  we  all 
learned  a  few  lessons  about  going  overboard  during  the 
Internet  boom. 

Still,  the  fact  remains  that  new  network  technologies, 
from  IP  telephony  to  high-speed  wireless  LANs,  continue  to 
roll  out  and  advance  at  a  rapid  rate.  Industry  leaders  such 
as  Cisco  still  are  pumping  billions  of  dollars  into  research 
and  development  ($3.3  billion, or  17%  of  revenue,  in  its 
most  recent  fiscal  year)  and  though  venture  funding  of 
network  start-ups  is  way  down,  the  companies  still  got  $2.3 
billion  in  the  last  quarter. 

Some  corporate  IT  shops  are  hunkering  down,  playing  it 
safe  and  making  the  most  of  what  they  have. 

Others  are  playing  it  safe,  but  also  playing  it  smart  by 
putting  select  new  technologies  to  work  for  the  purpose  of 
saving  moneymaking  operations  more  efficient  or  gaining 
a  competitive  edge. These  companies  figure  this  is  the  per¬ 
fect  time  to  gain  an  IT-enabled  edge  over  competitors  that 
are  waiting  for  a  full  economic  recovery  Forrester  Re¬ 
search  calls  such  companies  “stealth  aggressors.” 

It’s  these  forward-looking  companies  that  we’ve  chosen 
to  highlight  in  our  special  Early  Adopters  package  of  sto¬ 


Linux  is  the  answer 

Regarding  “What  users  want  from  Microsoft” 
(www.nwfusion.com,  DocFinder:  3322):  1  perceive 
Microsoft  to  work  more  or  less  like  our  politicians 
do. You  tell  them  what  you  want;  they  listen, nod  their 
heads  and  then  do  what  they  were  going  to  do  any¬ 
way  You  can  either  play  by  their  rules  or  take  your 
game  elsewhere.  Elsewhere?  Yes,  to  Linux.  Here  are 
my  Linux  answers  to  some  of  users’  top  Microsoft 
issues: 

•  Patch  management:  Doesn’t  need  it  —  no 
patches. 

•  Security:  Bulletproof. The  worst  a  user  can  do  is 
blow  away  his  own  private  little  space,  not  the  whole 
host,  and  even  that  is  hard  to  do.  Also,  no  viruses. 

•  Licensing:  Doesn’t  exist. 

•  Support:You  might  need  a  guru  to  get  started  ini¬ 
tially  but  once  you  get  everything  up  and  running, 
you  won’t  need  much.  Paying  someone  big  bucks  for 
an  initial  setup  will  more  than  compensate  for  the 
nightmares  you’ll  never  have. 

•  Management  tools:  Plenty,  and  they’re  free. 

I  can  do  just  about  everything  from  my  Linux  box 
that  a  Microsoft  user  does.  1  have  not  upgraded  or 
patched  this  box  in  the  four  years  I’ve  been  using  it. 
Sure,  Office  and  Outlook  are  more  powerful,  but  do 
you  really  need  all  the  bells  and  whistles?  Netscape 
e-mail  does  just  fine,  doesn’t  change  mail  formats 
between  releases  and  doesn’t  burst  into  flames  or 
hang.  Neither  does  Linux. 

Take  one  of  the  techie  kids  in  the  office,  tell  him  to 
get  one  of  the  386s  out  of  the  storage  closet,  get  the 
CDs  and  do  a  “Linux  load  everything.”  Give  him  a 
week  to  tune  it,  and  you’ll  be  pleasantly  surprised 
when  he  demos  it. 

Tony  Podrasky 
San  Diego 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  Editor  In 
Chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Defining  broadband 

When  was  the  term  “broadband”  redefined  to  mean 
speed?  In  the  story  “What  is  broadband?”  (Doc- 
Finder:  3323),  I  saw  many  different  definitions.  The 
only  definition  1  didn't  see  is  the  correct  one. 

The  true  definition  of  broadband  is:  A  transmission 
medium  that  can  carry  signals  from  multiple  inde 
pendent  network  carriers  on  a  single  coaxial  or 
fiber-optic  cable,  by  establishing  different  bandwidth 
channels.  Notice  that  there  is  no  mention  of  speed  in 
the  definition. 

Scott  Burch 
Chief  scientist 
Bulldog  Information  Services 
New  York 

Blogs  and  business 

Regarding  your  Face-off  “Are  Weblogs  legitimate 
business  tools?”  (DocFinder:  3324):  Mark  Hurst  con¬ 
tends  that  e-mail  is  more  effective  than  blogs.  This 
leaves  out  the  blog’s  most  important  feature:  The 
blog  becomes  a  true  knowledge-management  sys¬ 
tem.  It’s  a  searchable, sortable  archive  of  all  the  news 
and  information  that’s  relevant  to  users. 

Hurst  also  says  that  Usenet  is  a  better  method  for 
“building  a  community” —  and  he’s  right  to  some 
degree.  It  is,  if  you’re  trying  to  build  a  permanent 
community  on  a  certain  topic.  However,  if  you  are 
simply  trying  to  create  action  items  around  a  spe¬ 
cific  piece  of  news  or  want  to  make  a  quick  com¬ 
ment  about  something,  blogs  make  a  lot  of  sense.  A 
user  can  skim  all  the  major  stories  in  the  blog  and 
then  decide  which  areas  he  wants  to  delve  into. 
With  Usenet, the  user  is  required  to  judge  entirely  by 
subject  lines  with  no  additional  context. 

Mike  Masnick 
President 

Techdirt  Corporate  Intelligence 
Foster  City  Calif. 


ries,  which  starts  on  page  52. 

Gene  Zimon,CIO  and  a  senior  vice  president  at  Nstar, 
says  that  the  Massachusetts  utility  is  moving  ahead  with 
key  technology  projects  despite  a  constrained  budget.The 
company  is  heading  down  the  Web  services  path  in  an 
effort  to  tap  more  applications  than  it  ever  could  if  it  tried 
to  build  them  all  itself. 

Universities  such  as  DePaul  and  Miami  (of  Florida)  are 
putting  Session  Initiation  Protocol-based  IP  telephony  and 
coarse  wavelength  division  multiplexing,  respectively,  to 
work. Tenet  Health  Systems  is  out  in  front  in  securing  its 

802. 1  lb  wireless  LANs. 

If  you're  looking  for  reassurance  regarding  your  latest 
projects  or  inspiration  to  get  new  projects  off  the  ground, 
see  what  network  executives  at  these  organizations  have  to 
say.  And  feel  free  to  drop  me  a  line  about  what  you  have 
on  tap. 

—  Bob  Brown 
Executive  editor,  News 
t>brown@nwiv.  com 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  3321 
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n  an  apprehensive  society  we’ll  be  more 
identified  and  authenticated  than  ever 
before.  We'll  be  carded,  asked  for  our  per¬ 
sonal  identification  number  and  inspected 
using  a  bevy  of  new  technologies.  But  whether  these  efforts  prove  effec¬ 
tive  in  creating  real  security  depends  on  how  companies  implement 
their  identity  management  basics. 

Strong  authentication  means  adding  more  authentication  factors. To 
the  trusty  password  or  PIN,  add  a  smart  card,  token  generator  or  bio¬ 
metric  device.  Consider  an  expanding  array  of  newer  options.  Multiple 
vendors  now  can  use  cell  phones  as  authentication  tokens,  sending 
instant  messages  with  a  one-time  number  to  the  phone.  Other  products 
generate  unique  signatures  from  your  PC  or  other  hardware.  One  bio¬ 
metric  system  requires  users  to  call  a  toll-free  number,  which  verifies 
their  voice  and  issues  a  logon  PIN.  SchlumbergerSema  sells  a  smart 
card/fingerprint  reader.  RSA  Security’s  Smart  Badging  offers  a  smart 
card  that  also  functions  as  building  badge,  SecurlD  token  generator 
and  stores  personal  passwords  for  multiple  Web  sites. 

But  there  are  conflicts  between  security  and  convenience  that  make 
strong  authentication  challenging. Smart  cards  still  require  the  right  PC 
driver  to  be  installed.  Users  dislike  carrying  around  a  plethora  of  cards 
and  other  authentication  devices.  How  do  you  authenticate  employees 
who’ve  forgotten  to  bring  their  cards  to  work?  Cell  phones  are  equally 
forgettable  and  must  have  wireless  network  coverage  to  operate. 

Biometrics  promise  the  ultimate  convenience.  But  what  if  you’re  dis¬ 


Authentication  gets  smart 


abled.have  laryngitis  and  can’t  produce  the  desired  voice  print,  or  are 
too  paranoid  to  trust  Big  Brother  with  your  most  personal  data? 
Biometrics  has  unleashed  many  issues. 

Some  say  the  smart  card  as  national  ID  card  holds  the  answer. 
Throw  out  the  fat  wallet  —  you  just  need  one  card.  In  time,  our  state- 
issued  driver’s  license  could  be  made  into  smart  cards.  But  who  is  to 
say  fake  cards  won’t  be  readily  available  on  the  black  market? 

Which  brings  us  to  authentication,  which  must  get  smarter.  Systems 
that  authenticate  users  must  be  sensitive  to  context:  If  Joe  forgets  his 
card,  he  still  should  be  able  to  log  on  with  a  password,  but  shouldn’t  be 
allowed  to  access  sensitive  applications.  Single  sign-on  might  be  a  nice 
dream;  graded,  context-sensitive  authentication  should  be  the  reality 

The  basic  identity  management  processes  must  get  better.  Make  sure 
your  systems  for  vetting  the  user’s  identity  before  issuing  credentials  are 
bulletproof.  Invest  in  user  training  and  password  provisioning  to  ensure 
better  password  quality  When  planning  smart  cards  or  other  strong 
authentication  approaches,  tie  them  to  your  directory  and  Web  access- 
management  infrastructure. 

Authentication  technologies  are  getting  stronger,  but  so  are  hackers. 
You  can’t  afford  to  sit  this  game  out.  Look  to  the  basics  and  innovative 
technologies  to  make  authentication  stronger,  smarter  and  better. 


Single  sign-on 
might  be  a  nice 
dream;  graded, 
context-sensitive 
authentication 
should  be  the 
reality. 


Blum  is  senior  vice  president  and  research  director  with  Burton 
Group,  a  research,  consulting  and  advisory  service.  He  can  be  reached 
at  dblum@burtongroup.com. 
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olumns  written  this  time  of  year  often 
have  one  of  three  themes:  a  nostalgic 
look  back  —  such  as  the  10  best  things 
to  happen  in  2002  (unfortunately  the  “best”  events  this  year  would  be 
“worst”in  a  good  year);wishful  Santa-list  dreaming  —  you  know, the  10 
services  we’d  like  to  see  launched  (realistically  we’re  not  even  likely  to 
get  one  of  them  in  2003);  or  a  hopeful  look  forward. 

We’re  going  to  focus  on  the  New  Year’s  resolutions  that  might  turn 
the  industry  around  and  provide  meaningful  recovery.  But  while  we 
hate  to  play  Grinch,we  believe  2003  largely  is  going  to  be  a  repeat  of 
2002  —  and  potentially  a  bit  worse.  Here’s  why: 

•  Many  start-ups  will  fail  in  2003. We’ve  said  before  that  more  than  95% 
of  the  telecom  firms  started  in  1999  and  2000  will  either  shut  down  or 
be  sold  for  less  than  the  initial  investments,  and  we  still  expect  that  to 
happen.  Furthermore,  many  survivors  will  target  the  same  small  set  of 
customers.  If  you  add  up  everyone’s  projected  market  shares  within 
these  segments.it  totals  10,000%  —  and  the  last  time  we  checked,  only 
100%  of  market  share  is  available. 

•  Consolidation  hasn’t  happened  yet.  We  hope  it  will  in  2003,  but  it 
won’t  be  pretty. There  still  are  too  many  competitors  in  virtually  every 
segment  of  the  industry,  be  it  wireless,  broadband,  long  haul  or  whatev¬ 
er.  The  trend  is  for  these  companies  to  successfully  go  through  bank¬ 
ruptcy,  leaving  the  competitive  environment  in  its  irrational  and  unsus¬ 
tainable  state.The  few  mergers  and  acquisitions  we’ve  seen  this  year  are 
tiny  bets  by  big  players  at  “fire  sale”  prices  that  seem  to  have  almost  no 
effect  on  the  unhealthy  market  dynamics. 

•  A  number  of  forces  will  make  2003  a  very  painful  year  for  the  region¬ 
al  Bell  operating  companies.The  Bells  have  intensified  their  regulatory 
whining,  especially  over  unbundled  network  element-platform  pricing, 
and  seem  genuinely  scared  of  WorldCom  emerging  from  bankruptcy 
But  the  real  pain  might  come  from  more  subtle  areas.  Wireless  churn 
seems  to  be  intensifying  and  is  costly,  and  substitute  data  services  are 
going  to  put  tremendous  price  pressure  on  core  RBOC  data  offerings. 
The  emergence  of  freely  accessible  (or  low-cost)  Wi-Fi  sendees  will 
stress  the  high-cost  3G  data  rate  model, and  new  technologies, such  as 


Will  2003  see  a  telecom  revival? 


the  extended-reach  Vivato  antenna,  can  extend  previously  enterprise- 
oriented  and  short-range  technologies  from  “hot  spot”  coverage  to  full 
metropolitan-area  coverage  —  what  we  call  “metrospots.” 

•  The  telecom  industry  has  surrendered  the  high-value,  networked- 
entertainment  opportunities  to  the  traditional  media  and  consumer 
industries.  The  movement  of  the  PC  domain  into  the  entertainment 
center  —  which  will  be  a  major  movement  of  2003  —  is  going  to  cut 
into  the  potential  revenue-generating  services  of  the  telephone  com¬ 
panies  by  eliminating  the  middleman.  Services  such  as  MovieLink  go 
straight  to  the  customer  —  and  the  TV  set  —  over  a  broadband  con¬ 
nection.  Competition  will  force  bandwidth  pricing  toward  cost,  and 
without  a  middleman,  the  five  major  movie  studios  certainly  have  the 
low-cost  position.  After  all,  they  don’t  need  to  maintain  a  network. 

Of  course,  the  year  won’t  be  all  bad  news.  We  see  data  traffic  con¬ 
tinuing  to  grow  —  although  pricing  will  continue  to  be  under  pres¬ 
sure.  Budgets  will  be  allocated  to  meet  new  strategic  imperatives  — 
although  mostly  by  taking  away  from  other  budget  areas  to  keep  Wall 
Street  happy  (witness  Verizon  and  its  comments  on  capital  spending 
for  its  national  enterprise  data  backbone).  Home  networking  to  the 
entertainment  center  will  become  more  mainstream  —  although 
outsiders  such  as  Microsoft  and  consumer  electronics  players  might 
capture  much  of  the  value.  And  RBOCs  and  other  major  carriers  will 
have  an  incentive  to  provide  some  stability  for  their  most  important 
vendors  —  although  they  also  will  benefit  by  fostering  new  compe¬ 
tition  from  Asian  vendors. 

And  there  will  likely  be  a  few  true  bright  spots:  Wireless  metrospot 
products,  enterprise  security,  voice  over  IRXML  processing  equipment 
and  any  operational  support  system  that  will  yield  immediate  cost-sav¬ 
ings  will  likely  enjoy  true  market  success. 

Not  what  we  wanted  for  Christmas,  but  at  least  it’s  not  a  lump 
of  coal. 


While  we  hate 
to  play  Grinch, 
we  believe  2003 
largely  is  going 
to  be  a  repeat 
of  2002. 


Briere  is  CEO  and  McGuire  is  chief  strategy  officer  of  TeleChoice,  a 
market  strategy  consultancy  for  the  telecom  industry.  They  can  be 
reached  at  telecomcatalyst@telechoice.com. 
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Network  executives 
share  their  wisdom 


Gene  Zimon,  CIO  and  a 

senior  vice  president  at 
energy  company  Nstar 
in  Boston,  has  an  atypi¬ 
cal  perspective  on  net¬ 
work  technology.  While 
he  currently  oversees  a 
statewide  network  for 
the  utility,  which  serves 
1.3  million  residential  and 
business  customers 
across  Massachusetts, 
he  also  has  spent  time 
on  the  vendor  side,  most 
recently  at  Oracle.  This 
is  an  edited  transcript  of 
Zimon’s  talk  with  Net¬ 
work  World  News  Editor 
Bob  Brown  about 
Nstar's  key  IT  initiatives, 
including  a  move  into 
Web  services. 


What  do  you  see  as  the  pros  and  cons  of  being  an 
early  technology  adopter? 

Considering  that  Nstar  is  an  energy  distribution  com¬ 
pany  focusing  on  improving  customer  service  and  oper¬ 
ational  excellence,  I  don’t  feel  that  being  an  early 
adopter  of  networking  technology  is  appropriate. 
However,  if  a  new  technology  will  provide  us  a  signifi¬ 
cant  opportunity  to  achieve  improvements  in  customer 
service  and/or  reduce  our  operational  costs  at  reason¬ 
able  cost  and  manageable  risk,  I  would  definitely  con¬ 
sider  piloting  and  adopting  it.  I  have  done  this  in  the 
past  with  wireless  technologies  and  am  considering  sev¬ 
eral  emerging  technologies  [now] . 

What  are  your  main  challenges? 

The  key  things  are  driving  improvements  in  data  qual¬ 
ity  and  leveraging  our  systems  so  we  can  get  informa¬ 
tion  to  our  internal  customers  that’s  needed  to  manage 
and  measure  our  business  and  improve  our  workforce’s 
productivity  Our  focus  now  is  primarily  on  improving 
the  outage  management  process  from  the  time  a  cus¬ 
tomer  calls  to  the  time  we  actually  restore  service  and 
issue  a  follow-up  work  order  to  correct  the  system. 

Our  role  from  the  network  standpoint  is  to  keep  the 
outage  management  system  up  100%  of  the  time.  We ’re 
decentralizing  our  dispatch  system  by  setting  up  new 
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All-in-one  security  gateways  are  helping  to 
boost  confidence  in  wireless  networks. 


OPTICAL  IN  THE  ENTERPRISE 

Once  the  sole  purview  of  carriers,  beaming 
gigabits  over  glass  is  now  taking  root  in 
corporate  networks. 


SIP  PASSES  TASTE  TEST 

Session  Initiation  Protocol  is  winning  converts 
among  the  voice-over-IP  crowd. 


UNDER  CONTROL 

Route-control  customers  say  they’re  experiencing 
unexpected  benefits. 


THE  CUSTOMER  IS  KING 

Four  pioneers  from  different  industries  tailor 
CRM  technology  to  better  their  customer 
relations. 
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pany’s  $2.7  billion  in  revenue  over  the  past  12  months). 


Job  history:  Joined  Nstar  last  year.  Previously 
was  vice  president  of  business  development  for 
utilities  at  Oracle  in  2000-2001;  vice  president  of 
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1996-2000;  director  of  IS  at  Wang  in  1983-1996. 


Education:  Master’s  degree  in  education  from 
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service  centers.  From  a  network  perspective,  we’re  basi¬ 
cally  just  building  redundant  links  to  those  centers.  But 
the  other  thing  we’re  concerned  about  is  how  the  power 
restoration  process  would  be  affected  if  the  network  or  a 
service  center  went  down.  We ’re  planning  to  build  redun¬ 
dant  data  centers.The  first  step  there  is  building  high 
availability  into  the  servers,  and  we’re  looking  at  building 
a  geographically  dispersed  storage-area  network. 

So  your  efforts  are  largely  about  speeding  busi¬ 
ness  processes? 

Right.  One  key  project  we  expect  to  roll  out  in  the  spring 
will  make  it  easier  for  customer  service  reps  to  answer 
questions. We’ll  provide  the  [representatives]  with  a  portal 
to  all  back-end  systems  they  need  for  that  job,  from  billing 
to  services.That  is  all  done  through  WebMethods  messag¬ 
ing  and  Oracle  CRM  on  the  front  end. 

Then  you're  getting  into  Web  services? 

I  guess  you  could  say  we  are.  We ’re  starting  small,  not 
attacking  it  as  a  special  project  but  really  as  part  of  a  pro¬ 
ject  to  solve  a  business  problem.  We’re  moving  to  setting 
up  internal  services  for  validating  information  and  provid¬ 
ing  reference  services.  One  problem  we  have  is  a  dis¬ 
parate  set  of  systems  that  our  people  use  for  things  such 
as  addresses  of  customer  premises.  We’re  trying  to  estab¬ 
lish  a  message-based  premises  reference  [system]  such 
that  you  enter  a  request  about  a  premises  in  one  system 
and  it  goes  out  across  the  network  to  validate  a  street 
address,  ZIP  code,  and  the  X  and  Y  geographical  coordi¬ 
nates.  We  also  might  do  this  when  looking  up  equipment 
we  use. The  hardest  part  in  all  this  is  getting  agreement  on 
what  the  problem  is.Then  we  need  to  build  a  data  model 


Web  services  have  been  hyped  to  death  over  the 
past  year.  Do  you  think  they'll  live  up  to  the  hype 
and  if  so,  how  soon? 

Web  services  are  extremely  appealing  from  an  architec¬ 
tural  and  cost  containment  perspective,  and  therefore 
Nstar  is  closely  monitoring  product  development  strate¬ 
gies  of  application  and  other  technology  vendors. 
Currently  it  is  more  hype  than  real  in  that  we  have  not 
seen  true  usable  Web  service  delivery  components  from 
the  major  application  vendors  beyond  some  [programs 
for  validating  customer  locations] . 

My  view  of  a  Web  service  is  the  ability  to  initiate  a  re¬ 
quest  from  your  internal  portal  and  have  that  request  vali¬ 
dated  and  returned  by  an  external  or  internal  Web  ser- 
vice.To  achieve  this  there  are  issues  related  to  the  avail¬ 
ability  of  portals,  data  latency  security  validity  of  source 
and  cost,  which  need  to  be  defined.  None  of  the  enter¬ 
prise  portals  currently  on  the  market  are  architected  to 
take  advantage  of  the  emerging  Web  services  standards, 
particularly  the  emerging  interoperability  and  security 
standards.  Such  portals  are  not  expected  to  come  on  to 
the  market  until  late  2003. 

What  ramifications  do  you  expect  running  Web 
services  to  have  on  your  network  and  computing 
infrastructure? 

We  presently  deploy  most  enterprise  applications 
through  a  distributed  client/server  model.  Few  are 
deployed  on  the  desktop.  As  we  upgrade  these  applica¬ 
tions,  we  will  be  moving  to  a  thin-client  model. Thus,  we 
already  have  a  fairly  high-traffic  network.  I’d  say  that  the 
greatest  ramification  of  running  Web  services,  and  particu¬ 
larly  depending  on  the  distributed  Web  services  delivery 


vice  when  such  functionality  is  coming  from  outside  the 
enterprise?  How  do  you  ensure  that  two  Web  services 
components,  both  of  which  are  hosted  outside  the  enter¬ 
prise  by  different  entities,  remain  in  synch? 

It  will  be  our  intent  to  pilot  some  minor  Web  service 
applications  internally  to  better  understand  the  internal 
network  traffic.  Examples  could  be  our  employee  tele¬ 
phone  directory  our  conference  scheduling  capability 
and,  as  I  mentioned  before,  evolving  some  of  our  refer¬ 
ence  data  services. 


Are  you  giving  Microsoft's  .Net  architecture  a  look? 

We  are  presently  watching  both  .Net  and  J2EE  [Java  2 
Platform  Enterprise  Edition], This  is  the  key  technical 
decision  that  we  will  need  to  make  within  the  next  six 
months.  It  impacts  multiple  dimensions  and  layers  on 
our  technical  architecture,  and  we  will  need  to  under¬ 
stand  the  benefits,  limitations  and  risks  of  the  various 
options.  Analysts  seem  to  be  favoring  J2EE  as  the  stan¬ 
dard  to  adopt. 


What  does  your  network  look  like? 

We  have  a  totally  redundant  Gigabit  Ethernet  fiber  ring 
around  the  Boston  area  that  connects  our  major  sites,  and 
Ethernet,  frame  relay T-ls  orT- 
3s  to  all  our  service  cen¬ 
ters.  Our  unregulated 
subsidiary  Nstar.com, 
installed  the  fiber. 

Verizon  is  our  prim¬ 
ary  carrier,  and  we 
have  UUNET  for 
See  Zimon,  page  63 


“We  are  presently  watching  both  .Net  and  J2EE. 
This  is  the  key  technical  decision  that  we  will  need 
to  make  within  the  next  six  months.” 


from  which  we  can  build  the  reference  services  that  self¬ 
populate  as  much  as  possible. 

Why  Web  services  rather  than  more  traditional 
application-development  methods? 

While  we’re  starting  internally,  the  real  potential  bene¬ 
fits  will  come  when  we’re  able  to  take  advantage  of 
external  providers  of  certain  types  of  databases  and/or 
services. There’s  no  reason  we  need  to  create  all  these 
types  of  databases  internally.  Right  now  some  these  limit¬ 
ed  services  are  free,  too,  although  we’d  need  to  validate 
them. To  create  an  extended  enterprise  that  can  take 
advantage  of  these  services  we  need  to  componen- 
tize  our  application  architecture,  so  all  the  parts  can 
just  plug  and  play 

One  example  of  where  we  might  want  to  take 
advantage  of  this  is  when  a  utility  pole  goes  down 
or  is  damaged  and  you  see  double  poles  go  up. 

That  damaged  pole  can’t  be  removed  without  the 
cable,  telephone  and  electric  utilities  taking  action 
in  a  prescribed  order.  Web  services  could  be  used  to 
determine  the  status  of  these  actions,  the  order  of 
which  varies  based  on  who  owns  the  pole.  In  fact, all 
the  major  utilities  in  Massachusetts  got  together  and 
selected  a  vendor  to  provide  what  is  really  an  applica¬ 
tion  service  provider;  however,  this  functionality  could 
be  restructured  as  a  Web  service  that  could  work  with 
our  back-end  systems. 


model,  is  going  to  be  the  administra¬ 
tion.  For  example,  how  will  enter¬ 
prises  deal  with  Web  service  com¬ 
ponents  hosted  outside  the  enter¬ 
prise  that  are  subject  to  change? 
How  can  you  guarantee  avail¬ 
ability  of  key  business  func¬ 
tionality  or  continuity  of  ser- 


■  Sure,  you  want 

end-to-end  network  security 
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BY  ELLEN  MESSMER 
AND  JOHN  COX 

All-in-one  security 
gateways  are  helping 
to  boost  confidence 
in  wireless  networks. 


“The  thing  that 
attracted  us  to  the 
Bluesocket  Wireless 
Gateway  is  its  ability 
to  interface  with  a 
LDAP  directory  ” 

Joseph  Bruno,  CIO,  Harvard 
Medical  School 


Oosing  sleep  lately?  With  rogue 

wireless  LAN  access  points  pop¬ 
ping  up  every  time  you  turn 
around  it’s  easy  to  understand  why 
Securing  the  ether  is  becoming  job  No.  1. 

One  approach  that’s  gaining  favor  is  to  use  security 
gateways  to  lasso  groups  of  access  points. These  boxes 
are  available  from  a  handful  of  start-ups,  including  Blue- 
socket,  Cranite  Systems,  Fortress  Technologies,  ReefEdge 
and  Vernier  Networks.  As  a  single  sentry,  the  wireless 
security  gateway  might  provide  a  firewall  and  support 
for  authentication  and  encryption.  Some  products,  such 
as  those  from  Bluesocket  and  ReefEdge,  can  manage 
wireless  bandwidth  by  enforcing  quality-of-service 
restrictions  on  bandwidth  use  or  application  types. 

It’s  not  only  the  all-in-one  aspect  of  these  security  ap¬ 
pliances  that  appeals  to  early  adopters.  Many  organiza¬ 
tions  say  the  gateways  complement  existing  security 
resources  such  as  VPNs  and  directories  used  to  authenti¬ 
cate  users  of  Ethernet  LANs  and  enterprise  applications. 

“The  thing  that  attracted  us  to  the  Bluesocket  Wire 
less  Gateway  is  its  ability  to  interface  with  a  [Light¬ 
weight  Directory  Access  Protocol]  directory”  says 
Joseph  Bruno,  CIO  at  Harvard  Medical  School,  where 
students  and  professors  have  clamored  for  802.1  lb 
wireless  access  across  three  floors  of  the  school’s  edu¬ 
cation  and  library  centers. 

Harvard  already  had  invested  considerable  resources  in 
an  LDAP  directory  and  an  Oracle  database  to  regulate  the 
network  privileges  of  tens  of  thousands  of  users  on  the 
campus.“We  didn’t  want  to  have  to  bring  in  another 
authentication  engine  for  user  names  and  passwords 
just  for  wireless,”  Bruno  says. 

During  the  past  few  months,  Harvard  Medical  School  in 
Cambridge,  Mass.,  has  installed  dozens  of  Cisco  Aironet 
wireless  access  points  so  staff  and  students  with  802. 1 1- 
enabled  laptops  can  access  the  campus  LAN  after 
authenticating  by  means  of  password  through  Blue- 
socket’s  WG- 1000  appliances. 

The  WG-lOOOs,  which  check  user  data  against  Harvard’s 
central  repository,  are  maintained  in  load-balancing 
mode  for  failover  purposes. The  gateways  support  a  num¬ 
ber  of  encryption  modes,  including  IP  Security  (IPSec) 
implementations,  Fbint-to-Fbint  Tunneling  Protocol  and 
Secure  Sockets  Layer  (SSL). 

Harvard  selected  Cisco  Aironet  as  the  most  “stable” 
among  a  number  of  vendor  access  points  tested,  Bruno 
says.  “But  the  security  features  of  the  access  points  are 
not  that  good.” 


The  802.11-standard  encryption  Aironet  uses, Wired 
Equivalent  Privacy  (WEP),is  viewed  as  weak  and  break¬ 
able.  Moreover,  Harvard  didn’t  want  to  get  locked  into 
using  Cisco’s  proprietary  Lightweight  Extensible  Authen¬ 
tication  Protocol  (LEAP),  which  would  have  required 
use  of  Cisco’s  wireless  LAN  cards  and  authentication 
server.“LEAP  doesn’t  leverage  the  things  in  our  environ¬ 
ment,  like  the  LDAP  directory^  Bruno  says. 

Harvard  Medical  School  looked  at  a  few  other  security 
gateways  before  choosing  Bluesocket.  Costs  for  compet¬ 
ing  devices  were  roughly  equal  —  a  few  thousand  dol¬ 
lars  per  appliance,  each  of  which  could  support  about  a 
dozen  access  points.  But  Harvard  went  with  BlueSocket 
because  it  dovetailed  with  the  school’s  existing  security 
investments. 

Although  the  Bluesocket  gateway  can  restrict  wireless 
bandwidth  by  user  and  application,  Harvard  Medical 
School’s  IT  staff  hopes  to  avoid  using  that  feature.“We 
suggest  people  limit  their  use  of  the  [wireless]  LAN  to 
e-mail  and  low-bandwidth  applications,”  Bruno  says.’To 
the  best  of  my  knowledge,  we’ve  never  had  to  go  to  peo¬ 
ple  and  say'You’re  hogging  all  the  bandwidth.’” 

But  the  school  can  examine  traffic  by  type  and  user,  if 
needed,  using  reports  generated  by  the  Bluesocket  gate¬ 
ways,  which  report  to  a  central  management  console. 

Rx  for  mixed  LANs 

Marrying  wireless  network  authentication  to  an  existing 
directory  also  figured  into  security  planning  at  Tenet 
Health  Systems,  which  operates  1 19  hospitals,  20  of  which 
independently  started  to  use  a  mix  of  802.1  lb  access 
points  from  Cisco,  Lucent  and  Enterasys  Networks. 

Instead  of  trying  to  sort  out  whether  different  vendors’ 
802. IX  authentication  software  worked  the  same  way, 
the  Santa  Barbara,  Calif.,  healthcare  company  opted  for 
the  ReefEdge  gateway  to  deploy  security  controls  across 
the  diverse  environment. 

ReefEdge’s  Connect  System  product  line  consists  of 
Edge  Controllers  that  support  as  few  as  three  to  as  many 
as  20  access  points,  depending  on  the  model.  A  hundred 
or  more  controllers  can  be  managed  by  another  appli¬ 
ance,  the  Connect  Server. 

Tenet  has  established  some  base  security  require¬ 
ments  for  wireless  use  at  hospitals.  At  a  minimum, 
each  Tenet  network  user  on  any  wireless  LAN  has  !o 
authenticate  their  identity  via  password  and  ID  to  •  • 
access  to  the  hospital  applications  available  across  a 
private  T-l  network. 

“We  need  to  have  these  wireless  LANs  work  wit!  <  i 
[Microsoft]  Active  Directory  where  v/e’ve  stored  ie 
tion  on  over  113,000  users,' says  Jeff  Left,  the  corf. or 
senior  director  for  technical  strategy  and  operark  e 
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V;  !e  the  ReefEdge  product  supports  Active  Directory,  it 
is  easy  as  Lett  originally  had  hoped.  A  Remote 
Authentication  Dial-In  User  Sen-ice  server  is  required  to 
link  to  the  central  Active  Director,: 

in  Tenet’s  decentralized  environment,  hospitals  make 
their  own  choices  when  it  omes  to  using  VPNs  for 
security,  Lett  says.“W  d ready  had  about  3,000  or  so 
VPN  users.” 

A  ReefEdge  client  component  called  the  “Mobile  Do¬ 
main  Utility”  is  an  optional  piece  of  software  that  Tenet 
hospitals  can  use  to  enforce  use  of  IPSec  clients  for  en¬ 
cryption  it  works  with  Nortel’s  Contivity  Extranet  Client, 
Cisco’s  VPN  Ciient  and  NetScreen’s  remote  client. 

The  ReefEdge  Connect  System  can  provide  bandwidth 
quality  of  service  and  authenticated  roaming  across  wire¬ 
less  LAN  subnets.  And  those  management  features  will 
take  on  growing  importance  for  Tenet  because  some  hos¬ 
pitals  are  beginning  to  use  their  wireless  networks  to  sup¬ 
port  IP-based  phones  from  SpectraLink. 

Remote  support 


Cranite  gateway  Users  log  on  to  the  Wireless  Wall  using  a 
Cranite  client, says  Mark  Kuchniki,the  organization’s 
director  of  information  services. 

With  the  gateway,  IT  can  regulate  access  to  parts  of  the 
network.  For  instances  pediatric  care  staffer  from  a  part¬ 
ner  hospital  might  be  limited  to  accessing  e-mail  and 
the  Internet  when  working  at  CancerCare’s  main  site. 

CancerCare  is  considering  deploying  the  tools  at  17 
small  offices  in  remote  rural  areas  if  it  can  figure  out 
how  to  do  so  cost  effectively  but  most  of  the  sites  only 
have  one  access  point  and  a  couple  of  clients.“It’s  not 
cost-effective  to  add  a  $  10,000-controller  at  each  site,” 
Kuchniki  says.“And  we  can't  create  a  virtual  LAN  over  a 
wide-area  network”  because  the  gateway  handles  only 
one  set  of  IP  addresses. 

Kuchniki  is  talking  with  Cranite  about  software 
changes  that  would  let  the  Cranite  client  authenticate 
over  a  WAN  to  the  gateway. That  would  let  him  secure 
the  wireless  links  at  rural  clinics  without  having  to 
deploy  more  controllers. 


Some  organizations  that  are  installing  security  gateways 
to  encrypt  radio  waves  are  discovering  that  far-flung  facili¬ 
ties  represent  something  of  a  challenge. 

Cranite  Systems’ Wireless  Wall  gateway  requires  the  use 
of  client  code  to  set  up  an  encryption  session  from  laptop 
to  the  gateway  appliance.  Cranite  uses  the  Advanced  En¬ 
cryption  Algorithm,  the  new  federal  standard  for  encryp¬ 
tion  intended  to  replace  the  aging  Digital  Encryption 
Standard. 'Hie  encryption  is  performed  at  Layer  2, so  all 
the  network  information, such  as  addresses,  is  encrypted 
in  each  packet  with  the  data. 

CancerCare  Manitoba,  which  runs  cancer  treatment 
facilities  throughout  the  Canadian  province,  deployed 
the  Wireless  Wall  at  its  three  main  sites  in  the  capital, 
Winnipeg. 

The  Winnipeg  sites  are  outfitted  with  3Com  access 
points  that  are  grouped  in  a  virtual  LAN  and  linked  to  a 


Shareware  route 

The  University  of  Georgia  in  Athens  started  its  search 
for  wireless  security  options  by  looking  at  shareware. 

Amy  Lyn  Edwards,  a  network  engineer  in  the  school’s 
enterprise  information  technology  services  (EITS)  divi¬ 
sion,  helped  organize  a  task  force  to  find  an  approach 
that  would  work  in  the  university’s  decentralized  com¬ 
puter  environment. 

She  says  the  task  force  was  formed  “to  try  to  stay  ahead 
of  the  wave” of  802.1  lb  access  points  from  Cisco,  Entera- 
sys  and  Apple  that  were  spreading  rapidly  across  its  col¬ 
lege  campuses. 

The  task  force  started  out  by  looking  at  shareware 
from  NoCatNet,  a  group  planning  a  wireless  network  in 
California. 

The  University  of  Georgia  staff  also  took  a  hard  look  at 
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Don’t  build  a  separate 
authentication  engine 
just  for  wireless  if  you 
don’t  have  to. 


EARLY  ADOPTERS'  DOs  AND  DON’Ts 


Install  a  gateway  that  fits  techni¬ 
cally  with  your  existing  authen¬ 
tication  and  encryption  mech¬ 
anisms,  such  as  directories 
used  as  repositories  and 
IPSec  clients. 

Look  at  shareware,  such  as 
NoCat  and  Sputnik,  and  maybe 
save  yourself  a  few  bucks. 


*  Overlook  the  bandwidth-management 
features  of  these  products. 

*  Lock  yourself  into  one  vendor's  product 
because  wireless  LAN  security  gateways 
are  relatively  new,  most  of  the  companies 
providing  them  are  start-ups,  and  the 
products  are  changing  quickly. 


software  developed  by  Georgia  Tech,  called  Local-Area 
Wireless/Walkup  Network,  for  a  wireless  campus  net¬ 
work  that  was  developed  more  than  a  year  ago  using 
access  points  from  3Com  and  Lucent.  While  these  share¬ 
ware  products  might  have  been  less  expensive  than 
commercial  products,  none  of  them  quite  fit  the  bill. 

“What  these  [packages]  didn’t  provide  was  a  way  to 
do  roaming  across  subnets,”  Edwards  says.“But  you  can 
learn  a  lot  by  testing  things  out  with  shareware.” 

In  its  final  evaluation  of  Bluesocket,  ReefEdge  and 
Vernier  products,  the  EITS  division  chose  Bluesocket  be¬ 
cause  it  offered  the  best  fit  with  existing  technologies, 
including  the  school’s  Novell  eDirectory  on  NDS.the 
central  repository  for  the  University  of  Georgia. 

In  addition  to  the  departmental  wireless  LANs  spring¬ 
ing  up,  the  university  is  building  out  an  extended  wire¬ 
less  network  called  Personal  Access  Wireless/Walkup 
Systems. The  school’s  technical  staff  is  requiring  users  to 
register  to  authenticate  identity,  which  is  accomplished 
through  the  Bluesocket  gateways. 

Evolving  standards 

Network  managers  often  say  they  want  to  stick  with 
one  security  gateway  vendor  to  minimize  management 
problems.  But  some  security  consultants  say  it’s  better  to 
experiment  to  find  out  what  works  best. 

“Locking  yourself  into  one  vendor’s  products  isn’t  a 
sound  idea,” says  Gary  Morse,  president  of  consultancy 
Razorpoint  Security  Technologies.  He  says  some  organi¬ 
zations  might  be  able  to  get  away  with  their  existing 
firewall  and  VPN  infrastructures,  and  skip  gateways 
altogether. 

But  regardless  of  approach,  all  users  swept  up  in  the 
wireless  revolution  will  have  to  keep  an  eye  on  what  is 
happening  in  the  standards  bodies.There  have  been  fits 
and  false  starts  associated  with  security  standards  for 
wireless  LANs  in  both  the  IEEE  802.1 1  and  the  Internet 
Engineering  Task  Force  (IETF). 

New  versions  of  the  much-maligned  WEP  and  other 
improvements  to  the  802.  IX  wireless  security  framework 
by  the  IEEE’s  802.1 1  standards  committee  are  under  way 
And  Cisco,  Funk  Software  and  Microsoft  are  battling  to 
push  through  favored  technologies  within  the  IETF  to 
improve  wireless  LAN  security. 

The  wireless  security  alphabet  soup  includes  Protected 
Extensible  Authentication  Protocol,  backed  by  Microsoft, 
Cisco  and  RSA  Security  as  a  substitute  to  Cisco’s  LEAP 
Funk  and  Certicom  are  advocating  something  similar 
called  Tunneled  Transport  Layer  Security  to  protect 
authentication  information  over  radio  waves. 

So  are  organizations  that  are  buying  security  gateways 
today  simply  looking  at  them  as  stop-gap  measures  until 
the  wireless  LAN  access  points  come  with  IEEE  and 
IETF  standards-based  security  that’s  more  easily  under¬ 
stood  and  trusted? 

Some  say  no,  some  say  maybe. 

“This  is  not  a  stop-gap  measure, ’’Tenet’s  Lett  says.Tm 
not  seeing  those  other  things  coming  along  very  quickly, 
and  going  with  hardware  is  a  good  way  to  handle  a  vari¬ 
ety  of  encryption  schemes.” 

But  at  Simon  Frasier  University  in  British  Columbia, 
which  has  installed  the  Vernier  Networks  system  on  its 
campus  wireless  LAN  to  provide  secure  password  au¬ 
thentication  via  browser  SSL  encryption,  the  answer  is 
“maybe”  because  the  Vernier  appliance  doesn’t  encrypt 
the  wireless  traffic. 

“A  year  from  now  we’ll  go  and  review  this,” says  Worth 
Johnson,  director  of  operations  and  technical  support  at 
the  university,  which  has  about  100  Enterasys  wireless 
access  points  installed. 

“The  Vernier  system  cost  me  only  about  $10,000  to  sup¬ 
port  20,000  people,  which  is  not  a  lot  of  money  802.  IX  is 
vaporware  right  now.  But  over  the  next  two  years,  we 
may  be  using  802.  IX  and  IPSec  VPNs  tools  that  work 
together;”  Johnson  adds.B 
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Reallocate  your  resources. 


HP  ProLiant  DL  580G2  Server 
with  Intel®  Xeon™  processors 

Server  time  and  space  are  precious  commodities,  at  least  from  where 
you're  sitting.  Your  customers  are  clamoring  for  more,  more,  more,  while 
you  try  to  figure  out  how  to  deliver  with  less,  less,  less. 

HP  ProLiant  servers,  powered  by  Intel®  Xeon™  processors,  put  you  in 
control  of  your  resources  so  that  you  can  realize  the  true  potential  of  your 
infrastructure.  ProLiant  Essentials  Workload  Management  Pack  software 
lets  you  allocate  your  resources  to  specific  tasks  and  then  reallocate  them 
as  needed  — automatically.  We  call  it  Dynamic  Resource  Scaling.  And  with 
this  added  control  and  increased  visibility,  you  may  even  find  you 
can  boost  efficiency  by  placing  more  workload  on  those  same  servers. 

It  all  adds  up  to  faster,  better  distribution,  increased  ROI  and  gigantic 
leaps  forward  in  customer  satisfaction.  Which,  of  course,  is  a  relief  to  you. 

Visit  www.hp.com/go/proliant74  or  cal!  1.800.282.6672, 
option  5,  and  mention  code  XFF  for  a  white  paper  on 
adaptive  infrastructure  and  a  free  trial  of  HP  ProLiant 
Essentials  software! 
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THE  QUALITY 


To  hire  an  electrical  contractor  who  employs  IBEW  workers,  contact 
your  local  NECA  chapter  or  IBEW  local  union.  To  find  a  NECA 
contractor,  call  The  NECA  Connection  at  800-888-6322. 
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TO  EXCELLENCE 


National  Electrical  Contractors  Association 
International  Brotherhood  of  Electrical  Workers 


Once  the  sole  purview  of  carriers,  beaming  gigabits  over  glass  is 


STEWART  SERUYA, 


'  finding  their  way  into  corporate  networks  as 
users  deploy  fiber  to  support  high-speed  con- 


ITY  AND  NETWORK  OFFICER 


buildings  in  a  metropolitan  campus.  Educational  insti¬ 
tutions  and  governmental  bodies  are  leading  the  way; 
even  a  few  utilities  and  financial  institutions  are  see¬ 
ing  the  light. 

Chief  motivators  for  employing  light  instead  of  electrons  are  simple 
physics  and  economics:  moving  more  weight  —  in  this  case,  applica¬ 
tions  —  at  faster  speeds,  leading  to  operational  efficiencies  that  save 
and  make  money. 

The  state  of  I  lawaii.for  example,  is  deploying  an  optical  Ethernet  net¬ 
work  to  support  increasing  amounts  of  bursty  data  traffic  and  cap  its 
investment  in  SONET. 

Hawaii's  Institutional  Network  (INET),  which  connects  the  state  govern¬ 
ment,  Department  of  Education  and  the  University  of  Hawaii  and  its  com¬ 
munity  colleges,  Iras  an  optical  Ethernet  network  augmenting  an  OC-12 
S(  )NET  ring.  INET  is  installing  up  to  30  Luxn  WavSystem  wavelength  divi¬ 
sion  multiplexers  (WDM)  to  extend  its  data  network. 

The  network  is  on  the  island  of  Oahu,  and  is  being  expanded  to  Maui 
and  Hawaii. 

INET  required  WDM  for  its  flexibility  and  bandwidth  capacity  as  it 
extends  its  network  to  outlying  areas, SONET  proved  unwieldy  for  han¬ 
dling  increasing  loads  of  data  traffic  from  Ethernet  and  Gigabit  Ethernet 
switches  at  the  INE’I's  three  users 

"We  looked  at  upgrading  S(  (NET  and  basically  felt  that  it  was  not  cost- 
effective,  and  it  wasn't  going  to  take  us  tar  enough  into  the  future." says 
David  Lassner.  technology  director  at  the  University  of  I  lawaii.  'We  could 
have  done  a  moderate  increase  in  capacity  but  then  we  would  have  been 
pushing  the  envelope  on  SONET  speeds." 

bassner  says  the  alternative  to  the  INET  WDM  network  would  have  been 
(  K'-IK  S( )NET, which  would  have  cost  at  Feast  five  times  what  Hawaii  spent 
on  INET. 

The  INET  backbone  consists  ot  two  physical  rings  The  rings  are  tied  to¬ 
gether  at  the  I  lawaii  Community  College  campus  using  a  Fujitsu  SONE  T 
switch  and  a  Cisco  Diver  3  switch. 

INET  considered  upgrading  this  network  to  OCHS  SONET  to  handle 
increasing  traffic  loads,  but  that  would  have  involved  replacing  the 
S(  )N!T  arid-drop  multiplexers  at  each  site.  Also,  the  three  users  of  the 
S(  INET  ring  had  different  bandwidth  requirements.  Independently  allo¬ 
cating.  regulating  and  expanding  the  network  capacity  would  be  diffi¬ 
cult  in  tire  shared  S(  )NET  ring  because  all  three  users  would  have  to 


If  you’re  building  an  optical  net¬ 
work  to  carry  mission-critical  traf¬ 
fic  like  voice,  make  sure  you  build 
in  carrier-grade  reliability 


EARLY  ADOPTERS'  DCs  AND  DON'Ts 


*  Look  at  coarse  WDM  as  a  less-expensive  alternative  when  imple 
meriting  an  optical  network. 


high-bandwidth  applications 


Toss  out  an  old  SONET  network.  WDM  can  be  mapped  to  SONET, 


agree  on  any  change 

"It’s  a  shared  network,  and  we  have  different  policies  oh-  how.  we  deploy 
TCP/IP,”  bassner  saysTDoing  a  shared  .TCP/IP*  probably  wasn't  going  to 
work,  in  addition  to  not  giving  us  enough  bmidwidlh.t  >ur  routing  issues 
would  have  been  just  too  complex."  1 

Each  user  also  had  different  voice  and  data  requirements  ranging  from 
T-l  to  1 0/ 1 OOM  bit/sec  and  Gigabit  Ethernet.  While T-l  service*  is  easily  , 
mapped  into  S(  JNET.the  various  data  services  would  require*  SONET  Irani 
inganet  the*  inhcre'iit  overhead  and  banelwielth  inefficiencies. 

INET  eleeieleel  to  keep  the  e*xisting  ( K '-12  S(  )NIT  network  in  plaec^tuyafys 
ing  tratfie  using  the*  1.310-nm  wavelength.  Ethi*rne*t  vveiulel  bhmi|Ripfe^i^ 
natively  onto  the  ring  at  various  International  Telecomitittipj^i^^jS^K 
l  ITU  i  1.500-t mi  wavelengths. essentially  emitting  multiple*  virtual tieJvVcwi^if 
ove*r  one*  pair  ot  fiber  •*  . 

At  the  backbone  loeatioii. the*  individual  ITU  Wavelength’s are„>nulJMT 
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pi<  xed  together. and  this  s;gnal  and  the  1,300-nm  wave- 
\<  ngth  from  the  colic  -  at  ci  SONET  switch  are  combined 
into  one  fiber  output. 

“We  actually  took  our  legacy  SONET  network,  put  it  on 
its  own  wavelength, and  then  we  opened  up  all  of  the 
Fnj/WDM  frequencies  for  new  use  without  having  to  dis¬ 
mantle  <  >ur  SONET  network," Lassner  says.“So  we  have 
our  legacv  SONET  in  place  but  we  don’t  expand  that  at 
all  And  on  the  new  connections  we’ve  pretty  much 
focused  on  Ethernet  technologies.” 

INET  is  keeping  SONET  around  for  now  to  limit  the 
scope  of  its  upgrade  project  and  take  advantage  of 
SONET's  50msec  path  recovery'.  As  a  result,  optical 
Ethernet  will  “underlay”  INET’s  SONET  infrastructure, 
Lassner  says. 

Making  the  grade  in  Miami 

The  University  of  Miami  is  seeking  to  provide  faster, 
more  cost-effective  information  sharing  and  collabo¬ 
ration  on  academic  research  on  subjects  ranging  from 
diabetes  to  ice  floes. So  the  largest  private  research 
university  in  the  southeastern  U.S.  has  deployed  a  met¬ 
ropolitan  optical  network  across  three  of  its  South 
Florida  campuses. 

The  university  opted  for  a  coarse  WDM  (CWDM)  net¬ 
work  built  with  four  ONI  Systems’  ONI  2500  transport  sys¬ 
tems.  CWDM  differs  from  WDM  in  that  wavelengths  are 
spaced  farther  apart,  which  requires  less  cooling  of  the 
laser.  CWDM  is  therefore  less  expensive,  which  means 
more  organizations  can  afford  to  implement  optical  net¬ 
work  technology. 

The  University  of  Miami  deployed  an  OC-48  CWDM 
network  packed  with  multiple  gigabit  links  and  Fibre 
Channel  storage  protocols.  One  optical  ring  has  a  Nortel 
OPTera  3500  OC-48  SONET  add/drop  multiplexer  that 
adds  and  subtracts  T-l  lines  and  Ethernets  between  the 
school’s  many  sites. 

“We  had  an  environment  of  multiple  T-ls  and  a  Bell¬ 
South  ‘Smartring’  SONET  OC-3  service,”  says  Stewart 
Seruya.the  university’s  chief  security  and  network  offi¬ 
cer.  “Then  we  purchased  a  long-term  lease  for  dark  fiber. 
We  wanted  to  replace  the  single  service  on  fiber  to  mul- 
tiservice  on  the  same  dark  fiber,  which  brought  us  to  the 
CWDM/ [dense]  WDM  project.” 

As  an  alternative  to  the  CWDM  network,  the  university 
would  have  had  to  purchase  multiple  OC-48  links  be¬ 
tween  its  various  sites,  which  was  considered  to  be  cost- 
prohibitive. 

“Ultimately;  we  did  the  CWDM-with-SONET  project  for  a 
one-and-a-half  year  payback,  compared  to  the  original 
costs  of  the  multiple  links  and  services  we  were  pur¬ 
chasing,”  Seruya  says.“At  the  same  time,  we  expanded 
our  capacity  exponentially/’ 

Seruyas  biggest  network  concern  is  that  familiar  shad¬ 
ow:  reliability. 

"Since  voice,  data,  video, storage  are  all  riding  on  one 
network/fiber  ring,  this  network  had  to  be  built  to  be  up 
99.999%  of  the  time,”  he  says. 

Not  to  mention  the  14  schools  and  colleges,  13,500  stu¬ 
dents,  8,500  employees  and  2,050  full-time  faculty  mem¬ 
bers  it  has  to  interconnect.  But  as  the  second  largest  pri¬ 
vate  employer  in  Miami-Dade  County'  and  one  of  the  top 
50  private  IJ.S.  schools  in  federal  research  funds  re- 
ceived.the  University  of  Miami  must  be  pretty  confident 
CWDM  will  come  through. 

Taxas  school  takes  different  route 

But  another  school  is  sticking  with  its  SONET  ring  to 
share  voice,  data  and  video  across  six  campuses  be¬ 
tween  five  and  50  miles  apart. The  El  Paso  Community 
College  (EPCC)  in  Texas  says  the  OC-48  redundant 
St  >NET  ring  w  ill  support  more  efficient  online  student 
t ration  and  laster  access  to  all  administrative  appli- 
,  .  <  its  including  payroll,  for  employees. 

mv  2' -02.  the  college  purchased  Ciscos  ONS  15454 


as  the  linchpin  of  theTast  Ethernet-over-SONET  network, 
dubbed  Orion. The  network  is  provisioning  100M  bit/sec 
full  duplex  circuits  to  each  of  the  school’s  campuses 
and  connecting  each  campus  to  the  main  central  site. 

Its  hundredfold  increase  in  speed  also  lets  EPCC  sup¬ 
port  one  critical  application  in  particular:  campus-wide 
crime  prevention  and  security.  EPCC  networked  video 
cameras  throughout  the  main  campus  and  equipped  its 
“Mission  Impossible” campus  —  which  houses  its  Law 
Enforcement  Center  —  with  videostreaming  technology 


Since  voice,  data, 
video,  storage  are  all 
riding  on  one  net¬ 
work/fiber  ring,  this 
network  had  to  be 
built  to  be  up  99.999/ 
of  the  time.” 

Stewart  Seruya,  chief  security  and 
network  officer,  University  of  Miam 


DANIEL  PORTNOY 


to  train  its  criminal  justice  students. 

Because  EPCC  is  only  running  Ethernet  over  SONET,  it 
does  not  need  the  multiservice  capabilities  of  WDM  or 
CWDM. The  school  eventually  plans  to  upgrade  to  OC- 
192  and  drop  a  gigabit  pipe  to  each  campus  to  support 
even  more  bandwidth-stressing  applications. 

“We’re  looking  at  providing  some  dual  credit-type 
applications,”  says  Fabiola  Rubio,  vice  president  of  re¬ 
source  management  at  EPCC.“If  you  are  a  student  at  a 
high  school, you  can  take  college  courses  for  credit.” 

EPCC  has  higher  goals  for  Orion,  however. The  school 
is  looking  to  spearhead  an  effort  to  partner  with  local 
community  organizations  to  share  the  network  and  the 
costs  associated  with  its  future  development. 

If  the  program  moves  forward,  many  local  organiza¬ 
tions  will  be  connected  to  the  same  network:  the  city  of 
El  Paso;  the  University  of  Texas  at  El  Paso;  the  El  Paso 
City  Libraries;  El  Paso  County;TexasTech  Health  Sciences 
Center;  the  El  FW)  Independent  School  Districts,  which 
includes  %  schools;  and  Region  19  Education  Service 
Center,  which  manages  educational  delivery  services  for 


the  community. 

Not  bad  for  a  network  that  began  as  two  strands  of 
fiber-optic  cable  that  Time  Warner,  then  known  as  Para¬ 
gon  Cable,  donated  to  the  El  Paso  community  in  the 
mid-1990s.  EPCC  offered  then  to  manage  the  network  to 
support  educational  initiatives,  and  continues  to  do  sa 

Another  community-centric  optical  network  is  being 
operated  by  the  city  of  Charlottesville. Va. Tire  city  imple¬ 
mented  its  OC-12  Ethernet-over-SONET  network  two 
years  ago  to  provide  high-speed  interconnections  be¬ 
tween  libraries, schools,  City  Hall,  recreation  centers,  fire 
and  police  departments  and  just  about 
any  other  public  building.says  Rick  Fore, 
director  of  IT  for  the  city 
The  city  also  wants  to  support  CRM  and 
enterprise  resource  planning  applications, 
and  integrate  them  with  packetized  voice 
to  improve  customer  relations, Fore  says. 

“We’re  now  looking  at  voice  over  IP  as  a 
solution  to  save  money  to  increase  func¬ 
tionality  to  improve  customer  service," 

Fore  says. “We  knew'  that  we  would  need 
good  connectivity  to  support  that  and  to 
be  able  to  leverage  what  1  think  will  be  the 
integration  between  phone  systems  and 
those  types  of  applications  so  that  we  can 
provide  better  customer  service.” 

Provides  order  in  the  court 

The  city  also  is  videoconferencing  court 
arraignments  over  the  network.That  way 
suspects  need  not  be  transported  between 
jail  and  courtroom  to  be  arraigned,  but 
can  attend  virtually  through  a  high-speed 
video  link-up  between  the  courthouse  and 
the  jail  over  the  optical  network. 

The  network  also  supports  a  high-band¬ 
width  connection  between  the  regional 
lockup  and  the  University  ofVirginia  med¬ 
ical  center  so  inmates  can  receive  a  med¬ 
ical  or  psychiatric  evaluation  without  leav¬ 
ing  their  cell,  Fore  says. 

The  city’s  network  is  a  SONET  ring  with 
four  major  nodes  —  Nortel  OPTera  Metro 
3400  systems  —  connecting  City  Hail,  the 
fire  department  headquarters,  the  emer¬ 
gency  communications  center  and  the 
city  parks  department  headquarters. What 
made  the  network  financially  attractive 
for  the  city  was  not  a  quick  return  on 
investment,  but  ownership  of  the  utility 
pole  rights  of  way  where  the  network  s 
fiber  is  strung. 

“We  swapped  rights  of  way  for  dark 
fiber,”  Fore  says.“So  we  were  able  to  get  our  dark  fiber 
around  the  city  for  next  to  nothing.” 

The  city  has  a  99-year  lease  for  the  fiber  at  the  cost  of 
$  1 ,  Fore  says. 

The  network  is  scalable  to  OC-48.  With  that  kind  of 
scalability,  plus  the  resiliency  of  SONET,  Fore  says  his  2- 
year-old  network  could  last  10  to  12  more  years. 

“It  gives  us  the  scalability  that  as  bandwidth  require¬ 
ments  grow,  we  can  grow  with  it  without  having  to  throw 
everything  out  and  start  over^he  says.“The  fact  that  I 
know  it’s  scalable  and  that  I  know  it  will  meet  our 
demands  for  the  next  10  years  in  itself  provides  some 
sort  of  return  on  my  investment."  ■ 
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BY  PHIL  HOCHMUTH 


The  Session  Initiation 


Protocol  is  winning  converts 
among  the  voice-over-IP 


crowd. 


JOHN  KRISTOFF, 

RESEARCH  AND 
DESIGN  MANAGER, 

NETWORKS  AND  TELECOM  GROUP, 
DEPAUL  UNIVERSITY 


Set  up  a  separate 


test  lab  network  to 


put  SIP  gear  through 
the  paces  before 
deploying. 


EARLY  ADOPTERS'  DOs  AND  DON'Ts 

Do 

•  Find  areas  on  the  network  where  SIP  and 
VoIP  can  be  integrated  unobtrusively.  Look 
to  more  tech-sawy  end  user  groups  for  pilot 
deployments. 

•  Look  for  a  long-term  migration  from  tradi¬ 
tional  voice  to  VoIP  and  SIP. 

Don't 

•  Get  roped  into  versions  of  SIP.  Be  wary  of 
VoIP  technology  “based  on"  SIP,  but  not  on 
the  actual  IETF  standard.  Such  products 
may  have  interoperability  problems  with 
other  SIP-based  gear. 

•  Be  closed-minded  about  letting  a  SIP- 
based  network  interoperate  with  other  pro¬ 
tocols  such  as  H.323  or  Media  Gateway 
Control  Protocol. 

•  Forget  to  include  a  strong  service-level 
agreement  with  any  service  providers  that 
will  pay  you  back  in  a  service  outage. 


Ohe  Session  Initiation  Protocol  has 
gained  industry  momentum  for  its 
promise  as  the  future  of  real-time 
voice,  video  and  messaging  applications. 
But  early  adopters  like  it  for  one  reason 
—  it’s  very  simple  to  manage. 

SIP  is  an  IETF  standard  for  establishing  and  terminating 
real-time  application  sessions  over  the  Internet.  SIP’s  ere 
ators  built  it  similar  to  HTTPthe  standard  for  transmitting 
Web  page  information.  SIP  is  text-based,  meaning  that 
commands  are  coded  in  a  format  that  makes  it  easy  for 
application  developers  to  write  programs  that  use  it. 

The  protocol  operates  at  Layer  7  of  the  Open  Systems 
Interconnection  model  stack,  in  conjunction  with  TCP/ 

IP  and  Real-Time  Protocol  (RTP),  which  are  Layer  3  and 
Layer  4  protocols.TCP/IP  and  RTP  transmit  packetized 
voice  and  video  in  sessions  established  with  SIP 
“We’re  interested  in  SIP  as  the  key  component  to  a  base 
voice-over-IP  architecture,”  says  John  Kristoff,  research  and 
design  manager  for  the  networks  and  telecom  group  at 
DePaul  University  in  Chicago. The  school  recently  installed 
a  test  SIP  deployment  with  15  SIP  phones  from  Pingtel, 
along  with  Pingtel  s  Linux-based  SIPxchange  IP  PBX. 

“VoIP  and  SIP  are  really  separate,  and  one  does  not  nec¬ 
essarily  rely  on  the  other;”  Kristoff  says.“However,SIP  is  the 
preferable  core  architecture  for  implementing  VoIP” 
Kristoff  says  the  simplicity  of  the  protocol,  along  the 
lines  of  TCP/IRallows  it  to  be  deployed  on  networks  with¬ 
out  requiring  lots  of  technical  rejiggering  of  network 
equipment  or  protocols.  Basically  if  a  network  can  sup¬ 
port  Web  traffic,  it  can  run  SIP 
VoIP  vendors  such  as  Siemens,  Nortel,  Alcatel  and  Cisco 
have  made  plans  to  come  out  with  SIP-based  VoIP  servers 
by  year-end  or  next  year.  For  smaller  deployments,  Mitel 
and  Pingtel  offer  SIP-based  phones  and  IP  PBX  products. 

Last  year,  SIP  got  a  shot  in  the  arm  when  Microsoft  threw 
its  weight  behind  the  protocol  by  including  it  as  the  base 
call  set-up  technology  for  its  Windows  Messenger  applica¬ 
tion  in  Windows  XPThe  successor  to  Microsoft’s  H.323- 
based  NetMeeting,  Windows  Messenger  integrates  voice, 
video,  instant  messaging  and  “presence  management,”  an 
instant-messaging  feature  that  notifies  users  who  on  their 
buddy  lists  is  available. 

Sometimes,  the  best  technologies  are  the  ones  you  don’t 
even  notice  are  there.This  is  the  case  at  Computer  Korner, 
a  PC  retailer  in  Ottawa.The  business  has  two  stores  in  the 
city  and  recently  installed  Mitel’s  SIP-based  3050  IP  PBX 
and  5505  IP  SIP  phones  to  support  the  locations. 

“What  we  had  previously  wasn’t  a  system;  it  was  just 
some  Bell  [Canada]  lines.  We  were  looking  for  a  system 
for  a  way  to  better  utilize  those  lines,” says  Dave  Hill, 
Computer  Korner  owner,  who  worked  with  Mitel  engi¬ 
neers  to  install  the  box. 

The  3050  is  an  all-in-one  small-office  PBX,  and  also 


includes  a  firewall,  file-and-print  server  and  router. 

The  telephony  part  of  the  device  is  based  on  SiPwhich 
lets  boxes  deployed  across  a  wide  area  find  each  other 
easily  and  interconnect  with  minimal  configuration. 

Hill  uses  his  company’s  broadband  cable  modem  In¬ 
ternet  service  to  connect  the  two  Mitel  3050s  in  each 
office.  The  3050s  sit  behind  the  cable  modem  and  let  em¬ 
ployees  on  5055  SIP  phones,  which  plug  into  the  Ethernet 
LAN  running  in  each  store,  call  across  town  to  each  other 
over  the  Internet  with  a  four-digit  dialing  plan. 

The  simplicity  of  the  configuration  was  key,  Hill  says. 
The  3050s  have  Dynamic  Host  Configuration  Protocol 
and  Web  servers  running  on  them,  so  all  the  software 
for  Internet  connectivity  is  up  and  running  when  the 
IP  PBXs  were  brought  online. The  SIP  technology  on 
the  phones  and  the  IP  PBX  from  Mitel  let  Computer 
Korner  staff  make  calls  back  and  forth  over  the  Inter¬ 
net  as  easily  as  if  they  were  sending  e-mail  or  instant 
messages,  he  adds. 

This  kind  of  simple  connectivity  the  Mitel  3050  devices 
provide  via  SIP  is  an  example  of  why  SIP  was  created  in 
the  first  place,  says  one  industry  expert. 

“The  Internet  works  the  same  way  in  China  as  it  does  in 
Scotland  and  the  U.S.  because  of  standards  such  as  HTTP 
and  IP20,”says  Henry  Sinnreich,a  distinguished  member 
of  engineering  at  WorldCom  and  a  member  of  the  IETF’s 
SIP  subcommittee.“SIP  is  a  closet  cousin  of  HTTRso  voice 
just  appears  as  another  Web  application.This  is  really  the 
key  to  making  [VoIP]  interoperable  and  easy  to  use.” 

Menlo  College  in  Atherton,  Calif., uses  SIP  in  conjunc¬ 
tion  with  its  Cisco-based  VoIP  system  installed  on  campus 
with  Cisco  IP  phones  deployed  to  all  faculty  staff  and  stu¬ 
dent  dorm  rooms.  Deployed  throughout  the  campus  are 
500  Cisco  7960  IP  phones  that  can  be  enabled  with  SIP 
and  other  protocols. 

SIP  coexists  on  Menlo’s  network  along  with  the  H.323 
protocol  and  Cisco’s  Skinny  Call  Control  Protocol,  both  of 
which  run  natively  on  Cisco  CallManager  IP  PBXs.  Menlo 
has  installed  an  open  source  SIP  server  gateway  devel¬ 
oped  at  Columbia  University,  which  maps  Cisco  SIP 
phones  to  an  H.323  address  and  allows  SIP  devices  to 
register  on  the  CallManager  IP  PBX. 

The  SIP  phones  from  Cisco  have  greatly  eased  the  tele¬ 
com  management  burden  of  the  school’s  IT  staff. 

“The  management  aspects  of  it  are  incredible,” says  Blair 
Simmons,  director  of  IT  at  Menlo  College. “All  the  configu¬ 
ration  is  in  the  device  itself.”  When  plugged  into  any 
Ethernet  port,  the  phones  automatically  update  the  cen¬ 
tral  server  of  the  phones  new  address  and  location. 

For  DePaul  University’s  Kristoff,  new  applications  such  as 
using  the  IP  phone  as  a  thin  client,  or  advanced  unified 
messaging  and  video  applications  are  the  main  reasons 
he  thinks  SIP  will  pay  off. 

“For  many  large  environments,  the  advantage  of  VoIP 
will  likely  come  from  new  applications  or  new  uses  of  the 
technology  rather  than  as  an  attempt  to  cut  phone  man¬ 
agement  costs  by  shear  system  replacement  he  rays.  4” 


BY  TIM  GREENE 

Route  control  customers 
say  they’re  experiencing 
unexpected  benefits. 


Ooute  control  products  and  services 
are  primarily  designed  to  pick  the 
best  paths  for  Internet  traffic  at  com¬ 
panies  that  use  more  than  one  ISP  But 
early  adopters  of  the  technology  say  it 


delivers  a  range  of  additional  benefits. 


EARLY  ADOPTERS'  DOs  AND  DON'Ts 

Do 

■  Share  route  control  data  with  ISPs  to 
help  them  deliver  better  services. 

*  Check  that  your  routers  have  the  horse¬ 
power  to  handle  frequent  BGP  updates. 

Don't 

*  Expect  direct  return  on  investment. 

*  Take  ISPs'  word  about  SLA  compliance. 


SCOn  ELLENTUCH, 

PRESIDENT,  TTSG  INTERNET  SERVICES 


Use  information 
gleaned  from  route 
control  products  or 
services  to  renegotiate 
better  ISP  contracts. 


In  deciding  which  way  traffic  should  go,  route  con¬ 
trollers  gather  data  that  companies  can  also  use  to 
decide  how  much  more  bandwidth  they  might  need  to 
buy,  to  ensure  that  ISPs  are  living  up  to  service-level 
agreements  (SLA)  and  to  negotiate  new  service  pro¬ 
vider  contracts. 

Route  controllers  are  network  appliances  that  sit  behind 
firewalls  in  multihomed  networks  as  peers  to  Border 
Gateway  Protocol  (BGP)  routers. They  probe  to  deter¬ 
mine  how  well  each  available  ISP  connection  is  perform¬ 
ing  and  pick  the  best  one. Vendors  of  this  type  of  equip¬ 
ment  and  service  include  netVmg,  Proficient,  Route 
Science  Technologies  and  Sockeye. 

Jonathan  Davies,  COO  of  hosting  provider  UPNetworks 
in  San  Francisco,  says  his  Proficient  equipment  directs  as 
much  traffic  as  possible  to  his  Williams  Internet  link 
rather  than  his  others  because  it  is  one-third  the  cost.“We 
clearly  want  to  use  the  cheap  stuff  whenever  we  can,”  he 
says,  as  long  as  performance  is  up  to  par. 

BGP  alone  picks  the  route  that  involves  the  fewest 
router  hops.  But  users  want  to  factor  in  other  parameters 
such  as  delay  and  which  link  costs  the  least.  Route  con¬ 
trollers  do  this  and  then  update  BGP  route  tables  accord¬ 
ingly  to  determine  which  ISP  traffic  gets  sent  to.  Later,  if 
another  ISPs  performance  becomes  the  best  choice,  the 
route  controller  changes  the  route  tables  again. 

Widener  University  in  Chester,  Pa.,  uses  RouteScience 
equipment  primarily  to  keep  performance  up  by  prevent¬ 
ing  any  one  ISP  link  from  becoming  overloaded. When  a 
certain  percentage  of  one  link  is  being  used,  the  box 
shifts  more  traffic  over  to  links  that  haven’t  reached  their 
high-water  mark,  says  Larry  Pfeifer, Widener’s  network 
engineer. This  is  a  core  function  of  route  control  equip¬ 
ment,  but  it  has  value  in  helping  users  figure  out  how 
much  more  capacity  to  buy  when  traffic  increases. 

Before,  if  BGP  was  favoring  one  link,  and  it  became  con¬ 
gested  over  time,  the  school  had  to  buy  more  bandwidth 
for  that  link.  But  it  was  never  clear  how  much  more  band¬ 
width  was  really  needed  because  BGP  could  be  unpre¬ 
dictable,  says  Fred  Franzel.a  vice  president  at  Ventures- 
Online,a  hosting  provider  in  Greenwood  Village,  Colo. 

With  route  control, Widener  now  knows  its  traffic  will  be 
distributed  across  its  links, so  it  can  buy  extra  capacity 


from  any  of  its  ISPs  based  on  how  much  traffic  servers 
are  generating.“Now  we  apportion  bandwidth  going  out 
more  fairly  and  use  the  full  capacity  we  buy  It’s  huge,” 
Pfeifer  says. 

Data  gathered  by  route  control  gear  in  the  course  of 
performing  its  functions  can  be  used  to  keep  ISPs  hon¬ 
est,  says  Scott  Ellentuch,  president  of  TTSG  Internet 
Services  in  New  York. The  data  TTSG  gathers  from 
Sockeyes  route  optimization  service  tells  whether  its 
ISPs  are  meeting  SLAs. 

TTSG  also  shares  the  data  it  gathers  with  its  ISPs  in 
hopes  of  encouraging  them  to  improve  their  service, 
Ellentuch  says.  If  the  ISP  sees  that  TTSG  is  diverting  traffic 
from  its  link  because  performance  is  subpar,  it  might  take 
steps  to  improve,  he  says.  Or  if  it  sees  that  traffic  is  being 
diverted  because  another  ISP  is  less  expensive,  it  might 
offer  a  better  deal. 

While  route  control  gear  can  help  customers  avoid  ISPs 
whose  networks  are  congested,  at  the  moment, sharing 
route  control  data  about  these  problems  with  ISPs  can 
help  prevent  brownouts.  Sockeye  gathers  the  information 
ISPs  need  to  track  down  the  roots  of  problems.“Providers 
demand  a  trace  route,  and  this  gives  us  the  documenta¬ 
tion  we  need,”  Ellentuch  says. 

VenturesOnline  uses  netVmg  gear  to  pick  ISP  connec¬ 
tions  and  hopes  the  equipment  also  can  help  the  com¬ 
pany  pit  its  ISPs  against  each  other  as  they  bid  to  provide 
additional  capacity,  Franzel  says. 

With  many  users  trying  to  connect  to  many  customers’ 
servers  in  VenturesOnline’s  data  center.it  was  difficult  to 
shift  large  amounts  of  traffic  to  underused  links  by  manu¬ 
ally  adjusting  BGP  tables,  Franzel  says.The  netVmg  gear 
allows  identifying  and  shifting  large  chunks  of  traffic  auto¬ 
matically  via  preset  policies  so  VenturesOnline  can  maxi¬ 
mize  use  of  its  available  connections.  If  the  company 
needs  more  bandwidth,  it  can  seek  competitive  bids  from 
its  three  ISPs  rather  than  being  forced  into  buying  more 
bandwidth  from  the  provider  that  BGP  favors.'We  hope  to 
get  better-negotiated  contracts  for  minimum  [traffic] 
commitments,"  Franzel  says. 

The  policies  that  automate  route  selection  also  save  a 
lot  of  time,  he  says.“I  was  hand-writing  policies  on  Juniper 
routers  to  adjust  the  BGP  tables.  I  could  make  a  change 
and  5  minutes  later  have  to  change  it  again,”  Franzel  says. 
His  company  has  Internet  connections  from  Time  Warner 
Telecom,  AT&T  and  Yipes  Enterprise  Services, and  chang¬ 
ing  route  tables  to  balance  traffic  load  was  literally  a  full¬ 
time  job.  Now  Franzel  doesn’t  have  to  do  any  of  the  BGP 
updates,  and  the  traffic  is  distributed  more  effectively  than 
when  he  did  them  himself. 

Northwest  Multiple  Listings  in  Kirkland  Ore.,  gains  bene¬ 
fits  from  using  F5  Networks' Web  acceleration  equipment 


SPECIAL  REPORT: 


that  are  similar  to  those  gained  by  route 
control  product  and  service  users,  says 
Raymond  Williams,  Northwest’s  network 
developer.  Real  estate  agents  who  tap 
Northwest’s  database  of  properties  for  sale 
can  access  servers  via  connections  with 
three  ISPs,  and  F5’s  equipment  keeps  any 
one  link  from  clogging  up  at  peak  times. 

The  F5  gear  has  enabled  Northwest  to 
dump  BGP  altogether  and  even  give  up  its 
autonomous  system  designation,  which  is 
needed  to  participate  as  a  BGP  peer.  Using 
the  equipment  also  relieves  the  stress  of 
making  BGP  changes  that  could  affect 
performance  of  routers  outside 
Northwest’s  network,  Williams  says. 
Dropping  BGP  also  increased  CPU  avail¬ 
ability  on  routers  10%  to  15%  and  freed 
router  memory  that  was  maintaining  BGP 
tables,  he  says. 

While  the  unexpected  benefits  of  route 
optimizing  gear  have  been  many  for  early 
adopters,  it  is  important  to  keep  in  mind 
that  the  offerings,  which  can  range  in 
price  from  $15,000  to  $250,000,  also  can 
result  in  big  cost  savings.  For  instance, 
TTSG  is  saving  money  with  route  control 
technology  because  it  keeps  the  company 
from  overrunning  its  minimum  commit- 
ments.TTSG  has  dropped  from  paying 
$16,000  to  $17,000  per  month  in  band¬ 
width  overruns  to  about  $1,000  per 
month,  Ellentuch  says. 

“[Route  control  gear]  gives  us  more 
leverage  with  our  providers  because  we 
can  go  back  to  them  with  specific  perfor¬ 
mance  information,”  he  says.B 


Zimon 

Continued  from  page  53 

Internet  access. We’ve  completed  all  net¬ 
work  integration  work  associated  with  the 
merger  of  Boston  Edison  and  Common¬ 
wealth  Energy  that  formed  Nstar. 

On  the  computing  side,  about  90%  of  our 
servers  are  in  our  data  centers.  We  have 
several  types  of  Unix,  but  are  in  the  midst 
of  a  consolidation  in  which  we’re  moving 
all  Unix  servers  to  Sun  Solaris  SunFires. 

They  offer  high  availability  and  can  back 
each  other  up.  We  have  [Windows]  NT 
servers  and  are  moving  to  Windows  2000, 
and  have  mainframes  running  a  couple  of 
major  applications  that  are  outsourced  to 
IBM.  We  manage  the  NT  servers  internally 
but  outsource  the  Unix  server  manage¬ 
ment  to  IBM. 

If  you  could  change  one  thing  about 
your  network,  what  would  it  be? 

Our  network  is  basically  sound.  If  we 
could  change  anything.it  would  be  to 
automate  security  patches  and  updates  for 
the  network.  From  a  technical  standpoint, 
this  could  be  done,  but  from  a  practical 
standpoint  we  have  always  had  trouble 
with  the  automated  update  process.The 
other  area  would  be  to  ensure  more  auto¬ 
mated  and  proactive  network  perfor¬ 
mance  monitoring  and  intrusion  detec¬ 
tion  . . .  both  of  which  we  are  working  on. 

What  did  you  learn  being  on  the  ven¬ 
dor  side  that  you've  been  able  to  use 


on  the  user  side? 

I  was  CIO  at  Boston  Gas, 
then  moved  to  Oracle  [for  nine  months], 
where  I  got  a  much  broader  view  of  all 
aspects  of  the  energy  industry  I  was 
responsible  for  helping  Oracle  with  prod¬ 
uct  development  and  to  increase  its  pene¬ 
tration  for  this  sector.  I  got  a  broad  per¬ 
spective  on  how  partnerships  should  work 
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between  systems  integrators  and  ven¬ 
dors,  I  viewed  the  product  develop¬ 
ment  life  cycle  and  the  approach  to  which 
products  are  released  and  tested.lt  cer¬ 
tainly  gave  me  an  understanding  of  pric¬ 
ing  structures  in  terms  of  what  can  and 
can’t  be  done. 

From  a  negotiating  standpoint,  I  got  a  bet¬ 
ter  perspective  on  where  a  vendor  comes 


from.You’ve  got  to  look  at  the  four  parties 
in  any  negotiation:  the  project  manager 
and  decision-maker  on  your  side,  and  the 
salesperson  and  sales  manager  on  the  ven¬ 
dor  side. They’ve  all  got  different  objectives 
and  you’ve  got  to  develop  a  negotiating 
strategy  that  results  in  a  win-win  situation 
since  you’re  really  building  a  partnership, 
not  just  beating  the  vendor.  ■ 


MY  NAME  IS  TONY.  THIS  IS 


MY  OFFICE 


Electronic  Labeling  Systems 


Tony  Serignese 
Information  Systems  Director 
Brother  International  Corporation 
Bridgewater,  NJ 

Uses  the  PT-1300 
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In  my  office,  I  have  to  keep  everything 
running  smoothly.  From  servers  to  work¬ 
stations,  one  disruption  can  be  disastrous 
and  cost  the  company  a  lot  of  money. 

That's  why  I  use  the  P-Touch®  PT-1300. 

When  it  comes  to  identification,  it's  all  I  need. 
With  P-Touch  labels,  I  can  easily  identify  all  my 
servers,  workstations,  patch  panels,  cables 
and  face  plates,  making  troubleshooting  quick 
and  minimizing  downtime. 

After  all,  when  I'm  not  in  the  office,  the  com¬ 
pany  has  to  run  without  me.  And  with  all  the 
equipment  clearly  marked  with  P-Touch 

GraytiaR 

(800)622-6312  (800)825-5517 


labels,  I  can  trust  someone  else  to  get  the 
job  done  with  ease. 

From  LANs  to  WANs,  Intranet  to  Internet, 
my  P-Touch  labeler  makes  every  connec¬ 
tion  possible. 


P-Touch  systems -the  perfect  office  labels, 
wherever  your  office  may  be.  Enter  the 
P-Touch  People  Contest 
and  tell  us  how  your 
P-Touch  helps  you 
organize  your  office. 

We  want  to  know. 


www.ptouchpeople.com 


$  NEWARK 

(800)463-9275 


_ 

(847)918-3700 


P-Touch®  Electronic  Labeling  Systems 
create  industrial  strength  and  standard 
adhesive-backed  laminated  labels  to 
organize  virtually  anything. 

•  Standard  Laminated  Tapes:  Bright,  easy-to- 
read  labels,  perfect  for  safety  precautions  arid 
high  visibility  when  hidden  behind  cables. 
Available  in  a  variety  of  colors  and  widths 

•  Security  Tapes:  Leave  a  checkered  pattei  n  :! 
removed,  to  see  if  anyone  has  tampered 
with  them. 


•  Industrial  Adhesive  Tapes:  Adhere  up  to  two- 

times  stronger  than  standard  laminated  tapes 


www.brother.com  •  1-877-4PTOUCH 


©2002  Brother  International  Corporation,  Bridgewater,  NJ  •  Brother  Industries  Ltd.,  Nagoya.  Japan 


This  January,  see  why  It’s  never  lonely  at  the  top. 


CONFERENCE:  January  27-29, 2003  EXPO:  January  28-30, 2003  Washington  Convention  Center,  Washington  D.C. 


KEYNOTE  SPEAKER: 

Dan  Warmenhoven 

Chiet  Executive  Officer 
Network' Appliance.  Inc. 


KEYNOTE  SPEAKER: 

Daniel  J.  Mehan.  Ph.D. 

Assistant  Administrator 
for  Information  Services  & 
Chief  Information  Officer 

Federal  Avialion  Administration 


I 

WiH 


KEYNOTE  SPEAKER 

John  Schwarz 

President  & 

Chief  Operating  Olficei 

Symantec  Corporation 


So  what  else  do  today's  leaders 
know  that  you  don't?  Find  out  at 
COMNET  2003.  For  more  details, 
visit  www.comnetexpo.com. 

Or  call  1-866-266-6389. 


Where  leaders  network 

*Data  based  on  COMNET  total  attendance. 


Every  year,  more  senior  IT  and 
business  executives  attend  COMNET 
Conference  &  Expo  than  any  other 
networking  show*  Because  they  know 
they'll  get  an  up-close  look  at  the  very 
latest  networking  technologies, 
without  all  the  hype  and  the  hoopla. 
They'll  talk  face-to-face  with  the 
experts  about  implementing  new 
technologies  for  storage,  security,  Web 
services,  wireless  infrastructure  and 
more.  And,  they'll  network  with  other 
leaders  weighing  similar  purchases. 


SfeMNET 

www.comnetexpo.com 

©COMNET  Conference  &  Expo.  All  rights  reserved.  All  other  trademarks  contained  herein  are  the  property  of  the  respective  owners. 
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“The  human  beings  in  our  call 
center  were  often  just  typing 
into  a  system  and  reading  back 
what’s  on  the  screen. The 
[virtual  representative]  ^ 
can  do  that  just  as  well  —  g  I . 
and  a  lot  cheaper.  ” 


BY  ANN  BEDNARZ 


Oordstrom’s  salespeople  are  getting  ready 
to  throw  out  their  little  black  books. 
Instead  of  filling  pages  with  hand- 
scrawled  notes  about  customers’ sizes  and 
designer  preferences,  20,000  sales  clerks  at  the  Seattle 
chains  137  stores  soon  will  be  using  new  software 
and  mobile  devices  to  track  their  customers’ tastes 
and  match  them  to  new  merchandise  arrivals  and 
store  promotions. 

The  applications,  which  will  be  available  via  new 
point-of-sale  and  mobile  devices  that  are  in  develop¬ 
ment  now,  include  Blue  Martini  Clienteling  software  for 
managing  customer  product  information  and  prefer¬ 
ences,  and  Blue  Martini  Relationship  Marketing  for  cre¬ 
ating  targeted  messages  for  customers. The  software 
will  gather  data  from  sales  transactions  and  correlate  it 
with  data  the  salespeople  input. 

What  makes  this  aspect  of  Nordstrom’s  CRM  effort 
unique  is  that  it’s  intended  for  in-store  employees. CRM 
rollouts  usually  stop  short  of  the  retail  sales  floor,  and 
often,  valuable  customer  data  collected  at  the  POS 
goes  unused  by  retailers. 

Historically  the  three  pillars  of  CRM  have  been  sales, 
marketing  and  service. Sales  applications  were  built 
around  salesforce  automation  and  have  grown  to  in¬ 
clude  account  management,  opportunity  management 
and  incentive  compensation  management. Typical 
users  are  direct  sales  staff  and  the  management  teams 
who  monitor  sales  pipeline  information. 

Marketing  applications  run  the  gamut  from  advertis- 


Four  pioneers  from  different  industries 
tailor  CRM  technology  to  better  their 
customer  relations. 


ing  and  e-mail  marketing  campaigns  to  lead  manage¬ 
ment  and  customer  analytics. Typical  users  are  in  cor¬ 
porate  marketing  departments. Service  applications 
encompass  field  service  automation  and  contact  cen¬ 
ter  capabilities.Typical  users  work  in  call  centers  or  in 
the  field  handling  customer  service  requests. 

But  after  a  blizzard  of  high-profile  CRM  failures  over 
the  past  few  years  —  marked  by  unrealistic  goals  and 
ill-suited  functional  choices  —  companies  are  looking 
not  just  at  the  three  traditional  CRM  buckets,  but  at 
what  makes  sense  for  their  businesses. 

For  Nordstrom,  what  makes  sense  is  getting  customer 
information  to  retail  sales  personnel  in  real  time, 
whether  those  customers  are  conducting  business  on 
the  Web,  in  the  store  or  over  the  telephone. 

In  Nordstrom’s  case,  if  a  new  shipment  of  a  specific 
brand  of  shoes  arrives  in  the  store,  a  salesperson  could 
be  prompted  to  notify  customers  who  like  that  brand! 
either  by  sending  an  e-mail  message  or  calling  a  cus¬ 
tomer  directly  depending  on  the  customer  preferences. 

Typically  those  who  are  selling  on  the  retail  floor  de¬ 
pend  on  walk-in  traffic  to  make  a  sale.  Blue  Martini’s 
software  gives  Nordstrom’s  salespeople  a  virtual  edge 
to  establish  stronger  ties  with  their  repeat  customers. 

Service  with  a  smile 

Even  though  CRM  has  been  around  for  at  least  a 
decade,  customer  serv  ice  remains  a  trouble  spot,  par¬ 


ticularly  over  the  Internet. 


In  its  latest  study,  CustomerRespect.com  found  that 
37%  of  Fortune  100  companies  offered  no  reply  to  a ; 
general  inquiry  submitted  to  thejr  Web  site  —  despite  .  • 

offering  either  an  online  form  or  email  contact;  .  •  ; 

But  that’s  not  the  case  with  Defense  Logistics  In- .  ;  '  : 

formation  Service  (DL1S). This  division  of  .the:  Defense-.  ' 

Logistics  Agency  within  the  Department  of  Defense 
has  made  online  response  a  high priority  '  / 

From  its  Battle  Creek.  Midi.,  base.  DLLS  provides  elec¬ 
tronic  catalogs  and  other  reference  information  ori  all  ...  >- 
items  of  supply  in  the  Defense  Department — that’s  a 
whopping  6.5  million  active  items.  Military  and  civilian 
personnel  use  the  catalogs  to  order  .supplies  and  mate-  .Jr.- 
rials.  In  all.  the. DUS  supports  18  wholesale  sites, 578je-  '  t!^ 
tail  sites.  2.25  million  Defense  Department  employees  .,. 
and  40  international  governments. 

The  DL1S  has  had  a  call  center  for  many  years  toOC 
handle  phone  and  e-mail  inquiries. as  well 
site  But.a  1999’ study  showed  DUS  that  it  vvasriTnV^fy^^^?; 
ing  the  most  of  its  expensive  call  center  resoun  7-'$ 

study  revealed  that  about  70;  ,  of.inquirl|sfy^f<'  by  - ify 
questions  about  logistics  information  man;  / 

products  and  serv  ices.  „  -  .  7 

A  team  at  DLLS  set  out  to  make  its 
sources  more  user-friendly  —  hoping 
some  of  the  repetitive  calls'.  DUS  ope 
Web-based  'virtual  representative 
Native.MiiK  Is'  Xeur<  >Server 
which  runs  on  \ licrbsoft 
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employs  pattern-matching  technology  that  interprets  ques¬ 
tion  type, context  and  subject,  and  applies  algorithms  to 
determine  the  best  answers  from  among  data  sources. 

The  DUS  vRep,  named  Phyllis,  provides  automated, 
round-the-clock  customer  service. 

“The  human  beings  in  our  call  center  were  often  just  typ¬ 
ing  into  a  system  and  reading  back  what’s  on  the  screen. 
The  vRep  can  do  that  just  as  well  —  and  a  lot  cheaper?’ 
says  Raymond  Zingaretti,  program  manager  at  DLIS. 

The  vRep  is  more  than  a  simple  search  tool,  Zingaretti 
says.The  vRep  has  a  human  face,  to  make  interactions 
less  intimidating.  And  instead  of  simply  returning  a 
lengthy  list  of  documents  that  contain  a  particular  key¬ 
word,  Phyllis  can  engage  in  a  dialog  with  a  user  to  deter¬ 
mine  what  the  user  needs. 

Phyllis  —  named  after  FLIS.or  the  Federal  Logistics  In¬ 
formation  System  —  answers  customer  questions, 
phrased  in  natural  language,  with  conversational  dia¬ 
logue.  It  can  interpret  what  people  mean,  Zingaretti  says. 

Someone  looking  for  an  item  name  that  they  need  for  a 
requisition  form  might  ask  Phyllis, “What  is  the  proper 
item  name  for  XYZ?”The  old  Web  way  required  users  to 
browse  the  Web  site  and  find  the  online  section  for  prod¬ 
ucts,  find  the  application  that  will  help  look  up  item 
names,  type  the  item  description  in  the  search  box,  hit 
enter  and  get  the  results,  Zingaretti  says.  Phyllis  can  search 
the  appropriate  database  and  return  the  answer  in  one 
step.Thyllis  gives  our  customers  an  easier,  more  direct 
way  to  find  the  information  they’re  looking  for?’ he  says. 

The  vRep’s  expressions  change  from  happy  to  confused, 
depending  on  whether  she  can  provide  an  answer  to  a 
customer’s  inquiry  Phyllis  portrays  a  disappointed  look  to 
profanities  and  then  reprimands  the  asker:“Excuse  me, I’d 
be  glad  to  handle  your  question,  that’s  no  problem,  but  I’m 
not  able  to  handle  your  abusive  language.” 

This  consistency  of  answers  and  attitudes  is  a  benefit 
that  can’t  always  be  achieved  with  live  personneb’With 
the  vRep,  no  matter  how  many  times  the  question  gets 
asked, you  get  the  same  answer?’ Zingaretti  says. 

Zingaretti  and  his  team  review  Phyllis’  conversation  logs 
daily  and  constantly  update  its  database  to  provide  better 
service.  Usage  of  the  vRep  is  climbing  steadily  Phyllis’ 
accuracy  rate  hovers  at  about  85%, Zingaretti  says. 

Travel  time 

The  good  news  for  travel  and  hospitality  companies  is 
that  online  travel  sales  are  hot. 

Research  firm  comScore  Networks  reports  that  online 
travel  sales  represent  the  largest  consumer  e-commerce 
category,  and  its  growth  continues  to  outpace  the  non¬ 
travel  sector. Travel  is  gaining  an  increasing  share  of  total 
consumer  online  dollars:  43%  in  the  first  three  quarters  of 
2002,  up  from  39%  during  the  same  period  last  year. 

The  bad  news  is,  along  with  opportunity  comes 
competition. 

Six  Continents  Hotels  —  which  has  assets  that  include 
the  InterContinental,  Crowne  Plaza,  Holiday  Inn,  Holiday 
Inn  Express  and  Staybridge  Suites  hotels  —  is  using  CRM 
to  fuel  its  online  sales  efforts.  Personalized, stellar  service 
is  key  to  its  efforts, says  Del  Ross,  director  of  Internet  busi¬ 
ness  at  Six  Continents. 

“Our  product  is  more  than  a  comfortable  bed  and  a 
clean  room,  Ross  says.'Our  product  is  every  interaction 
that  you  have  with  us,  from  the  moment  you  start  thinking 
about  your  trip  to  when  you  turn  in  your  key’ 

The  hotel  chain  recently  completed  a  migration  from 
multiple  Web  platforms  to  ATG’s  Commerce  Suite,  which 
r  uns  on  Windows, Solaris  or  Hewlett-Packard’s  HP-UX. 

With  ATG’s  Scenario  Personalization  technology, Six  Con¬ 
tinents  is  working  on  marketing  campaigns  and  personal¬ 
ized  offerings.The  new  Web  site  features  include  the  ability 
n  store  favorite  hotels.so  business  travelers  can  save  their 
!  ‘references.The  Web  site  automatically  will  display  the 
rates  for  wh-,c  h  the  person  qualifies.“We  can  make  the 
reservation  itself  an  alinost-effortless  exercise  for  them," 


Ross  says.They  pretty  much  just  have  to  tell  us  whether 
they  want  to  order  breakfast  in  the  morning  or  not." 

In  addition  to  its  new  ATG  software, Six  Continents  has 
new  wireless  reservation  services  to  capture  the  business 
of  people  who  make  travel  plans  while  in  transit.  With  the 
wireless  services,  people  with  Palm  VII  devices  and  Web- 
enabled  mobile  phones  can  search  for  hotel  information, 
make  reservations,  receive  itinerary  and  confirmation 
information,  and  access  their  customer  loyalty  accounts. 

The  two  upgrades  share  a  common  goal  of  improving 
customer  service.’The  combination  of  the  economic  envi¬ 
ronment,  the  competitive  environment  and  the  political 
environment  has  made  people  very  conscious  of  value,” 
Ross  says.“They  want  to  know  that  their  business  matters 
to  you.” 


Blue  Pumpkin  workforce  optimization  software  and 
Genesys  call  routing  software. 

From  Blue  Pumpkin,  LightBridge  is  using  Director-En¬ 
terprise,  Activity  Manager  and  Advisor. The  applications, 
running  on  Windows  servers,  handle  tasks  including  plan¬ 
ning  workforce  levels,  monitoring  the  skills  agents  acquire, 
tracking  how  agents  spend  their  time  and  measuring  em¬ 
ployee  performance  against  corporate  expectations. 

From  Genesys,  which  is  a  division  of  Alcatel,  LightBridge 
has  rolled  out  Enterprise  Routing,  which  lets  it  route  calls 
based  on  real-time  statistics,  customer-stored  data  and 
customized  business  rules;  and  Internet  Contact, which 
lets  LightBridge  integrate  e-mail  management  and  Web- 
based  interaction  capabilities  into  its  call  center. The 
Genesys  suite  runs  on  a  Solaris  platform. 

Recently  LightBridge  made  one  minor  routing  adjust- 


RAYMOND  ZINGARETTI,  PROGRAM  MANAGE^  DEFENSE  LOGISTICS  INFORMATION  SERVICE 

Don’t  depend  on  a  software  vendor  to 
know  what’s  best  for  your  company 
Take  time  to  really  learn  what  the  CRIV 
software  can  do,  and  apply  that  knowl¬ 
edge  to  your  business. 


EARLY  ADOPTERS'  DOs  AND  DON  Ts 


*  Skimp  on  data  quality.  Customer,  product  and 
transaction  data  needs  to  be  clean  and  properly 
formatted  to  be  useful. 

*  Forget  about  end  users.  If  employees  aren't 
properly  trained  and  committed  to  using  new  CRM 
software,  the  implementation  will  be  a  failure. 

*  Skip  the  pilot.  Ask  vendors  to  provide  software 
and  support  for  a  pilot  before  making  any  final 
decisions. 


*  Consume  CRM  in  digestible  doses.  Experts  rec¬ 
ommend  a  regime  of  short,  focused  CRM  projects, 
rather  than  a  massive  rollout. 

*  Align  business  and  IT  objectives.  Defining  CRM 
project  goals  and  making  technology  choices 
should  be  group  decisions. 

*  Use  your  peers.  Get  customers  references  from 
each  vendor  on  your  shortlist,  then  contact  those 
references. 


GEORGE  WAIOMAN 


Call  center  savvy 

LightBridge  is  focusing  much  of  its  CRM  energy  in  the 
call  center  —  it’s  the  lifeblood  of  its  business. 

LightBridge,  of  Burlington,  Mass.,  makes  credit-checking 
and  fraud-detection  software,  and  provides  outsourcing 
services  for  communications  providers.  Its  specialty  is 
handling  call  center  operations  for  companies  that  offer 
mobile  services,  which  require  screening,  qualifying  and 
activating  new  wireless  customer  accounts.  Last  year,  300 
LightBridge  agents  handled  more  than  12  million  calls. 

To  handle  growing  call  center  volumes  while  keeping 
costs  in  check,  the  company  recently  completed  a  $2  mil¬ 
lion  renovation  of  its  call  center  operations,  deploying 


ment  that’s  saving  the  company  $150,000  a  quarter  by  re¬ 
ducing  headcount  requirements, says  Kelly  Stropp.call 
center  operations  manager.  LightBridge  typically  main¬ 
tains  multiple  small  call  queues,  each  staffed  by  about 
five  agents.  With  the  old  call  routing  system, some  agents 
were  achieving  only  30%  utilization.  Fine-tuning  the 
Genesys  system  to  better  monitor  queues  and  route  calls 
to  the  most  appropriate  agent  has  helped  LightBridge 
increase  its  agent  utilization  average  to  more  than  65%. 

Lighter-weight  skills-based  routing  products  couldn’t  give 
LightBridge  that  flexibility, Stropp  says.  Manual  scheduling 
techniques  are  too  unwieldy  to  adapt  on  the  fly  to  chang¬ 
ing  conditions. “That’s  what  really  gives  us  the  savings  — 
scheduling  correctly  to  the  new  call  routing,"  he  says.B 
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GLT  Industries 


Introducing  Dell  Blade  Servers. 

It's  amazing  what  your  business  can  accomplish  when  you  think  small 


Dell  J  Enterprise 

PowerEdge™  1655MC  Blade  Server 

Cost-Effective  Consolidation  Solution 

•  Up  to  2  Intel* *  Pentium*  III  Processors  at  1.26GHz  Per  Blade 

•  Up  to  84  1655MC  Blades  Fit  into  One  Standard  42U  Rack 

•  128MB  -  2GB  133MHz  ECC  SDRAM 

•  Supports  up  to  2  High-Performance  SCSI  Hard  Drives  with 
PERC4/im  Integrated  RAID 

•  Hot  Plug  Redundant  Power  and  Cooling  Standard 

•  Integrated  Management  Module  and  Keyboard, 

Video  and  Mouse  Switch 

•  Integrated  Layer  2  Managed  Ethernet  Switches 


Consolidate  with  Dell  Blade  Servers  and  dramatically  lower  TCO.  Dell  PowerEdge"  1655MC  Blade 

Servers,  powered  by  Intel®  Pentium®  III  processors,  represent  the  future  of  server  design  as  well  as 
a  more  cost-effective  way  to  start  consolidating  your  web,  network  infrastructure  and  application 
servers.  Our  small,  3U/6  blade  chassis  is  cutting-edge,  and  it  easily  fits  into  your  existing  power  rack 
and  administrative  infrastructure.  With  Dell  PowerEdge  MC  Blade  Servers,  you  can  expect: 

•  Modular  Flexibility:  Consolidate  multiple  applications  in  a  fraction  of  the  space  required 
by  traditional  rack  designs. 

•  Superior  ROI:  The  1655MC's  smaller,  modular  design  can  help  improve  your  ROI  when 
buying  three  or  more.  And  they're  easy  to  install,  maintain  and  service. 

•  Infinite  Scalability:  Buy  only  the  number  of  blade  servers  you  need,  without  the  investment 
and  overhead  of  much  larger,  more  expensive  chassis  designs.  As  your  needs  grow, 
simply  plug  in  new  blade  servers. 


So  go  to  www.dell.com/blades  or  call  us  toll-free  at  1-866-234-3355  today  and  discover  the  easier 
way  to  get  on  the  consolidation  bandwagon  with  Dell  PowerEdge  MC  Blade  Servers. 


pentium®/// 


Smarter  consolidation  solutions.  Easy  as 

Click  www.deil.com/blades  Call  1-866-234-'  : 

toll  free 


Call  M-F  7a-8p|Sat  8a-5p  CT. 
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Finally  -  the  missing  piece! 


Today’s  ever-growing  data  centers  make  it  harder 
than  ever  to  get  hands-on  control  of  all  your  servers 
and  network  devices.  Now  you  can  have  direct 
access  to  every  device  in  your  data  center  from  any 
location,  all  from  a  single  screen.  Manage  and  maintain 
servers  in  your  local  rack  or  across  the  world. 


Total  system  control  over  analog  or  IP  connection 
means  complete  ‘at  the  computer’  troubleshooting 
from  anywhere. 

Now  it’s  all  falling  into  place.  Avocent’s  advanced 
analog  and  digital  KVM  solutions  -  the  perfect  fit 
for  the  server  room  and  enterprise. 


For  the  complete  picture,  download  a  free  KVM  Tech  Guide  today  at 
www.kvmguide.com  or  call  1  -866-AVOCENT  (286-2368),  ext.  3006. 


vocent  the  Avocent  logo,  'The  Power  of  Being  There",  “KVM  over  IP",  DSR,  DSView,  DS1800,  and  CPS  are  trademarks  of 
vocent  Corporation  All  other  marks  are  the  property  of  their  respective  owners.  Copynght  2002  Avocent  Corporation. 
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READY 


Request  for  your  FREE  CAS  booklet  at  www. 


Console  Access  Server 


1/4/8/16/32/48  RS-232  ports 


First  Linux:based  Teritiial 


IP  Filtering,  RADIUS,  and  Secure 


Linux,  FreeBSD,  Sun,  HR 


Guess  what  Yahoo!,  til 
to  manage  their  served 


THE  LEADER  IN 
LINUX 

CONNECTIVITY 


www.cyclades.com/nw 


1-888-CYCLADES  1-888-292-5233 
510-770-9727 
sales@cyclades.com 
Fremont,  CA 


mmwjas 


CYCL 


"The  Cydades-TS  Series  of  Console  Access  Servers  provides  the  highest  port  density  and  security 
at  a  very  competitive  price.  By  using  Linux  as  the  embedded  OS,  it  offers  the  flexibility 
required  to  manage  our  dynamic  environment.  The  Cydades-TS  is  a  key  element  to  help 
us  keep  our  servers  up  and  running."  -  Pete  Kumler,  Manager  of  Site  Operations,  Yahoo!  Inc. 


Cydades-TS  Series 


©2002  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  ol  thier  respective  owners.  Product  information  subject  to  change  without  notice. 
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The  Hub  of  the  Network  Buy 


CONTROL  KEYBOARD;  VIDEO  AND  MOUSE  REGARDLESS  CDF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 


ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 


K  a  is  a  m  am 

COMPLETE  KVM  CONTROL  VIA  TCP/IP 


REMOTELY  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 


D  I 


The  Engine  of  Innovation 


Available  in  single  and  eight  channel  versions 


www.digitalv6.com 


Resellers  and  Distributors  Welcome 


Jonathan  Franklin 
Trial  Lawyer 

Jonathan  Franklin,  P.A..  a  boutique  law  firm  based  in  Miami. 
Florida,  represents  corporate  clients  around  the  country.  The 
firm  specializes  in  product  liability  and  tort  law. 


"There  were  several  factors  that  went  into  our  decision  to 
choose  CyberGuard.  Chief  among  these  was  its  proven 
secure  track  record.  Independent  data,  reports  and  evalua¬ 
tions  also  revealed  the  product’s  overall  excellence.  And  we 
were  particularly  gripped  by  its  hardened  OS,  powerful  VPN 
and  obvious  rock  solid  security. 


"The  Internet,  with  its  continuous  connections,  acts  as  a 
doorway  directly  into  your  office.  It  offers  a  way  out  to  the 
world  and,  more  importantly,  a  way  in  for  the  world.  At  our 
firm,  we  maintain  and  store  confidential  and  privileged 
materials,  as  well  as  trade  secret  information.  As  a  result,  we 
could  not  risk  choosing  a  product  with  any  vulnerability  when 
we  undertook  steps  to  secure  our  office  and  valuable 
information.  Frankly,  knowledge  of  any  vulnerability  alone  is 
enough  to  stick  you  with  legal  liability. 

"Faced  with  the  prospect  of  having  to  spend  $10,000  to  $12,000 
to  get  the  quality  and  performance  in  this  caliber  of  a  product, 
you  also  need  to  weigh  the  potential  legal  liability.  In  our 
opinion,  one  breach  could  expose  any  company  to  millions  in 
liability.  And  that  was  not  a  risk  we  wanted  to  take." 
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CERTIFIED 


vGyt)piSudrd  s  Security  solutions  ate  found  in  Global 
[&£O0$($f»pd^w$  and  governments'  worldwide  Cyber- 
K>*5 'HiiQ'tj's  itvtind-wmning.  premium  firewall/VPN  appli- 
'  '  Complete  separation  of  netwoik  traffic 

|  components  ' 


For  white  papers  on  Rock  Solid  Security  go  to: 
http://www. cyberguard  com/ROC KSOLID/nw  cfm 
Phone:  954  958.3878  •  e-mail:  mfo@cyberguard  com 

Copyright  2002  CyberGuard  Corporation  All  rights  reserved 


On-Command  Power  Switching  for  your 
Network  Equipment***  from  Anywhere! 


Applications: 

Remote  Power  Management 
X  Servers 

X  Routers  Firewalls  DSU/CSU's 
X  Web  Cams 

Turn  On/Off  any  AC  or  -48VDC 
Powered  equipment  via  telnet, 
modem  or  local  terminal. 

Electronic  equipment  sometimes  "locks- 
up"  requiring  a  service  call  just  to  flip 
the  power  switch  to  do  a  simple  reboot. 
With  WTI  Remote  Power  Switches  you 
have  the  ability  to  perform  this  function 
from  anywhere  on  the  LAN/  WAN,  or  if 
the  network  is  down,  to  simply  dial-in 
from  a  modem  for  out-of-band  control. 

For  over  a  decade  WTI  has  been 
leading  the  way  in  Remote  Power 
Switching  technology  offering  more 
products  choices  for  small  or  large  scale 
remote  management  strategies. 

Our  switches  are  now  installed  in 
thousands  of  sites  world  wide.  Our 
customers  know  they  can  depend  on 
our  superior  quality  and  reliability  for 
their  most  mission-critical  operations. 


EIGHT  PLUG  -  DUAL  BUS 


©  Dual  15  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  User  plus  Admin  Security  Features 
©  115VAC  and  230VAC  Models 


HIGH  CURRENT  -  DUAL  BUS 


NPS-2HD 


©  Ideal  for  CISCO  6500/7500 
©  Dual  20  Amp,  115VAC  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 

CODE  ACTIVATED  - 
EXPANDABLE 


TWO  PLUGS  -  LOW  COST 


©  Two  Addressable  Plugs 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  115VAC  and  230 VAC  Models 
©  Manual  on/off  Buttons 


DUAL  BUS  -48VDC 


©  Dual  -48VDC,  40  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  On/Off/Reboot  Switching 


FIVE  CIRCUIT 
-48VDC  POWER  BAR 


Yes,  we  are  customer  friendly! 

X  Two  year  warranty 
X  We  stock  for  same  day  shipment 
X  30  day  return  policy 
X  Start-up  cables  and  rack  ears  included 


Want  an  on-line  demo? 

Just  call  or  e-mail  and  you'll  see  for 
yourself  why  so  many  network 
professionals  choose  WTI. 


RPS-10 

©  Single  10  Amp  Circuits 

©  Expandable  to  10  Individually 
Switched  Plugs 

©  RS232  Control  Port 


RPB+DC30 

© 


© 


© 


Five  Individually 
Switched  Circuits 

Switch  -48VDC,  12  Amps 
each  Circuit,  30  Amps  Total 

Also  Available  in  115VAC 
and  230VAC  Models 


www.wti.com 


(800)  854-7 


5  Sterling  •  Irvine  • 


incorporated 

California  92618-2517 


Keeping  the  Net.. .Working 


The  Hub  of  the  Network  Buy 


UltraLink 


■  Connects  to  standalone  computers  or  any  KVM  switch 

■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

■  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

■  Encrypted  communication  produces  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 

■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 
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WWW.ROSE.COM 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 


The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 


Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 


Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 
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USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44(0)  1264  850574 
ROSE  Asia  +617  3427  5353 


Rose  Electronics 
10707  Stancliff  Road 
Houston.  TX  77099 
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-1000 


Firewall  Appliance 


New  kid  on  the  block? 


The  GB-I000  Firewall/VPN  appliance  is  powered 
by  the  GNAT  Box  System  software  -  the  original, 
small  footprint,  high  performance  firewall  system  first 
introduced  in  1996.  The  GB-1000  is  deployed 
worldwide  by  organizations  that  desire  rock-solid 
operation  and  the  best  price/performance  ratio  on  the 


Years:  10 

GTA  has  10  years  experience  in  developing  quality  software.  Since  1994,  GTA  has  been 
producing  solid,  dependable,  ICS  A  certified  firewalls,  with  a  powerful  feature  set  at  an 
affordable  price. 

NICs:  4+ 


market  today. 


The  GB-1000  has  many  standard  features  including 
JPSec  VPN,  DNS  server,  failover  routing  and  DHCP 
services.  Optional  features  such  as  high  availability  and 
24x7  support  are  also  available. 
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The  GB-1000  standard  configuration  includes  4  built-in  10/100  NICs.  Expansion 
options  allow  the  addition  of  up  to  4  more  NICs,  including  Gigabit.  Each  NIC  is  fully 
addressable,  allowing  flexible  configuration. 

Users:  00 

The  GB-1000  has  an  unlimited  user  license  and  supports  128,000  concurrent 
connections.  Our  powerful  dynamic  network  address  translation  technology  and 
stateful  packet  inspection  engine  provide  all  users  with  transparent  Internet  access  and 
proven  network  security. 


Global  Technology  Associates,  Inc. 

1-800-775-4GTA  •  www.gta.com  •  info@gta.com 
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This  is  the  way  to  learnt' 

\Vt] 


nKey 


ecurity+ 

Training 


jcca 

Mtutrictin  Security 

(22Q 

1  l»iwh 

J  Widens 

j 

J.UAS 

j 

|  .  Wrtrtw. 

J  T«IimbNI 

. . .  T—" 

.. .  j 

•  Media-Rich  Content 

•  Challenging  Labs 

•  Comprehensive  Tests 

•  Practical  &  Proven 


LearnKey 


Self-Paced  Computer  Training 


Security+  Certification  $265 


CompTIA  . 

icuril 

Introductory  Offer!  Limited  Time! 


reg.  $355 


15  Year  Anniversary  Savings! 

Network + 

4  Sessions 

$ 

265 

reg.  $  355 

i-Net+ 

5  Sessions 

$ 

315 

reg.  $  425 

Windows  XP  Professional 

6  Sessions 

$ 

370 

reg.  $  495 

Windows  2000  Network  Security  Design 

3  Sessions 

$ 

195 

reg.  $  265 

Cisco*  MCNS 

6  Sessions 

$ 

710 

reg.  $  945 

NETWORK  '  ONLINE  •  CD-ROM  •  VIDEO 

Mlxteiofl*  •  CompTIA*  •  Novell*  •  CI*<o*  •  lotus*  •  Adobe*  •  Linux  •  CIW* 

1.800.865.0165  •  AvailableONLYatiearnkey.com/networid  HLeamKey 

e  2002  leomKey,  Ik.  LK082602  Source  Code  #4048 

•limited  lino  oHer,  torn*  restrictions.  Prices  listed  ere  (or  Single-Users.  Pleose  cell  (or  Helli-User  pricing  and  Corporate  solutions. 


A  24/7  Internet  Alarm 


Keynote’s  Red  Alert  service  can  monitor  and 
execute  end-to-end  checks  of  any  TCP-enabled 
Internet  application  or  device  24/7/365. 
Whenever  a  server  or  network  fails,  Keynote’s 
Red  Alert  service  isolates  the  problem  and 
immediately  notifies  you  with  full  details  via 
e-mail,  pager  or  cellphone.  Or  all  three. 

Red  Alert.  Another  way  Keynote  helps  you 
expect  the  unexpected. 

For  a  30  day  free  trial  of  Red  Alert 

Go  to  http://www.redalert.com 
Or  call  1(800)  548-4517 


Trade  in  your  tired,  old  KVM  boxes 
for  the  Cat5-based  Paragon®  —  and 
save  up  to  $1600  on  every  switch. 

Since  1985,  Raritan  has  been  the  technical  leader  in  KVM 
switching  and  remote  management  solutions  for  accessing 
and  controlling  servers. 

Today,  the  most  powerful,  reliable,  and  secure  KVM  solution 
available  is  Paragon  from  Raritan.  Award-winning  Paragon 
is  the  only  solution  with  Cat5  Simplicity™  and  multi-platform 
support  for  2  to  64  users  having  direct  control  of  1 6  to 
10,000  servers. 

The  time  to  power  up  with  Paragon  is  now.  Take  advantage 
of  our  generous,  limited-time  trade-in  rebate  and  get  back 
up  to  $1,600  per  Paragon  switch  purchased. 


Call  1  -800-724-8090,  visit  www.raritan.com. 
Hurry !  Rebate  offer  ends  soon. 


Raritan. 
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Anywhere,  anytime  access. 

Get  a  free  online  demo  of  secure 
Web  browser  access  to  Paragon 
via  our  IP-Reach  "  option 
To  schedule  a  demo  from  your 
desktop,  visit  www.raritan.cciv 


Raritan,  Paragon.  Cat5  Simpticity,  and  IP-Reach  are  registered  trademarks  of  fi»it?n  • .  «. 


Them  is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


e  X  PE  R  T 

OBSERVER 


Quickiy  Pinpoint,  Pre-solve  & 
Prevent  Network  Problems 


Observer 
* 995 


Expert 
Observer 
* 2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 

©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


NETWORK" 


Dial  Access  Solutions 


Fax  server 
Dial  access 
Data  collection 
Modem  pooling 
Internet  access 


►  V  V  - 


Call  1  -866-TRY-GLCC  or  visit  us  at 


Great  Lakes 


Corporate  Headquarters: 

P.O.  Box  551.  Edmboro,  PA  16412 
Western  Distribution: 

3875  Corsair  St.,  Suite  -QT 
Reno.  NV  89502 


•  Sun 

•  Cisco 

•  RS/6000 

•  Netfinity 

•  HP9000 

•  AS/400 

•  Compaq 

SAN  Solutions 

•  HP  Netserver 


Server 
Configuration  Guide 


Easy  to  use.  Convenient. 

'  At-a-  glance  information  for 

selecting  the  right  server  for  your 
application  with  processor,  memory  and 
storage  information.  Available  for  HP.  IBM, 
Sun  and  Compaq.  Call  877.231.2451  or  visit 
www.wdpi.com  to  request  your  FREE  Server 
Configuration  Guide. 
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The  Hub  of  the  Network  Buy 


Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Used 

www.wdpi.com  •  877.231.2451 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


STOP 

SPAM 


And  other  email  borne  threats  BEFORE  they 
reach  your  corporate  network. 


Securely  squash  junk  email,  viruses  and  pornography  without  the 
headache  of  integrating  new  software  or  hardware  into  your  current 
messaging  environment. 

Remove  the  frustration  of  constant  updates.  Get  control  over  email 
policy  configuration  and  enforcement. 


Find  out  about  a  free  trial  with  zero  risk  and  zero  integration  by  visiting 
us  at  www.mxlogic.com/nw  or  calling  877-MXLOGIC. 


W  Logic 

Managed  Email  Firewall  Services 

www.mxloglc.com 
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Internal 

UPS 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Microphone 

for  Sound 
Monitoring 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


8  R|-45  Sensor  Inputs 

( Temperature ,  Humidity, 
Woter,  Motion,  Power, 
Smoke/fire) 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
St  Pager  Port 


SENSAPHONE®  _ 

irvis -ammo 


Phonetics,  Inc. 

Tel:  877-373-2700  901  Tryens  Road 

www.ims-4000.com  Aston,  PA  19014 


Seeking  Solutions  ...NTI  Has  The  Answers! 

MULTI-USER 

SERVER 

CONTROL  IS  EASY! 

Individually  command  or  simultaneously 
share  up  to  32  USB-enabled  computers 
using  USB  keyboards  &  mice  and  VGA 
multiscan  monitors. 


“I  want  Matrix  KVM 
control  for  USB  computers.” 


FREE  CATALOG! 


CUl  100-742-8324 


KIENIUX  KVM  SOLUTIONS 


•  Compatible  with: 

-  SUN  Blade  100,  1000, 

-  SUN  Ray  &  SUN  Fire*  280R 

-  USB-enabled  PCs 

-  MAC  G3/G4s 

-  HP  J5000  and  other  USB-enabled 
UNIX  computers 


•Available  with  2,  4  or  8  user  ports. 


•Controlling  USB  computers  is  easy 
with  NTI’s  Matrix  Control  Software 
with  a  GUI  interface. 

•  Features  NTI’s  patented  true  electronic 
autoboot  USB  switching  -  boots  ail 
attached  computers  in  one  operation. 
(Other  USB  KVM  switches  require 
individual,  sequential  boot-up.) 

•  Fully  compliant  with  USB  stand:,  ds 

•  Crisp  &  clear  1900x1200  resolution 


I 

t 
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1275  Danner  Drive  •  Aurora, 
330-562-7070  *  FAX:  330- 


BUY  ONLINE  at  www.nt.il 
Email:  sales@nti1.ccA 


K 


The  Hub  of  the  Network  Buy 


•  m  • 


Systems/FertwresTMemory 

cisfeo 

EQUIPMENT 

Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

In  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  01  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  EMail  salesccomstarlnc  com 


Make  the  Smart  Choice, 
Trust  the  Experts  " 

/Continental 

Computers  *.<•» 


order  now:  310-416-1200 

or  visit 

www.ContiComp.com 

We  Specialize  In... 

Cisco  Systems 


Authorized 
Reseller 

Thcw  logos  »•  ft  VaGftmftrtt  o 1 tv**  r«pec trvt  companies  and  sarwcaa 


NctSmarl  Learning  Partner 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 

SSfflS 


Boson  Training 

(813)  925-0700 
www.bosontraining.com 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 


PMG  NetAnalyst 

(800)  645-8486 
www.NetworkTraining.com 
Network  Forensic  Analysis  and  Security 
H  Training  and  Services 


WKMN  Training 

■  (415)  586-1713 

www.wkmn.com/wireless 
Comprehensive  introduction  to 
wireless  networking. 


Learnkey  Inc. 

(800)  865-0165 
www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 

(615)  726-8779 
www.transcender.com 
Award-winning  practice  exams 
for  IT  certification 

George  Washington  Univ 

(202)  973-1175 
www.cpd.gwu.edu 

Oracle  MCSE  Network  Security  UNIX/LINUX  I- 
Net  VB.Net  XML 


- 


IPexpert,  Inc. 

(866)  225-8064 
www.ipexpert.net 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 


CBT  Nuggets,  Inc. 

(541)  284-5522 
www.cbtnuggets.com 
IT  Certification  Videos 


To  Place  Your  Listing  Here 
Call  Enku  Gubaie  at  (800)  622-1108 


CffflMrte  MornHor 
Bmrtm f  Port 

•  Temperature  $ 

•  Humidity 


Weather 

Duck 


•  Air  Flow 

•  Light  Level 

•  Doors  Open 

•  Camera  Optional 


•  512,347.1064  • 


www.lTWatciP»j» 
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CISCO  NORTEL 


UP  TO  85%  OFF 

CURRENT  TECHNOLOGY 

NEW  •  REFURB  /  BUY  •  SELL 


THIS  MONTH'S  HOT  SPECIALS 

Passport  8648TX  Enterprise  Routing  Switch  Module  (Refurbished) 

48  port  autosensing  10BASE-T/100BASE-TX  Ethernet  Layer  switching  interfaced 

Special  $4,800 

Cisco  2924-CXL  (Refurbished) 

22  Port  10/100  Ethernet  Switch  &  2  Ports  B-FX 

Special  $675 

While  Supplies  Last 

ASN2  Base  Unit  32  M  48V  Redundant  Power  (Refurbished) 

Special  $895 

16  MB  Nortel  Compatible  PCMCIA  Flash  Card 

Special  $225 

NLE  OFFERS  FREE  LIFETIME  TECHNICAL  SUPPORT 

SPECIALS  EXPIRE  12/13/02 

NORTEL 

NETWORKS 


Cisco  Smut 


( araeTityjQ  Bay  Networks 
NATIONAL  LAN  EXCHANGE  •  WWW.NLE.COM 


888-8LANWAN 

Call  for  Free  Quote!  (888-852-6926) 


•  cobALt 


DE  LA  CRUZ  BLVD 


WWW.RECURRENT.COM  INFO 


We 

Buy 


& 


Since  1985 


Sell 


CISCO 


New  &  Used 
Fully  Guaranteed 
Overnight  Delivery 


S*  habla  Eapanol 
Wir  aprochen  Deutsch 


800.451.3407 


90  Castilian  Drive,  Suita  110.  Santa  Barbara.  CA  93117 


Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 


www.nctworkhardware.com 

BUY  ONLING 


NETWORK  HARDWARG  RESALES 


^  Ul  ^llllQUtlCe 


Network  Products  &  Services  with 
Network  World’s  Marketplace  Call  800-622-1108  exL  6507 


Phone:  800-439-8558  or  718-894-7500 
56-29  56th  Drive,  Maspeth,  NY  1 1 378  USA  Fax:  718-894-1 573 


Cisco  Systems 
Juniper  Networks 


Extreme  Networks 
Foundry  Networks 


www.  digitalwarehouse.  com 

digital  warchouse 

'S  The  No.  1  Source  For  Used  Cisco  Direct** 


■  Nortel  Networks 

■  Lucent  Technology 

■  Alcatel 

■  Riverstone  Networks 


HEW4JSEP 
WE  BPY-WE  SELL 


_  s699 

10/100  Ethernet  LAN  Tester 


PDA  Based! 


(FREE  Palm  ml05 
Included) 


Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 


►  Displays  network  utilization,  packets 
&  statistics 

Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  &  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


*959 

Versa  Tables 
Factory  Direct  Prices 
Lifetime  Warranty  made  In  USA 
310-S73>0384  www.v*r*»dlr»ct.com 


FIBER  OPTIC 
SOLUTIONS 


J|  caeicTRon 

ass  — sYs,sms 


Clici  Systems 


•  T1/E1  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS/400  Twinax,  and 
RS/6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO  -  9001 

S.I.TECH 

Toll  Free  866-SITech-1 
630-761-3640,  fax  630-761-3644 

www.sitech-bitdriver.com 


NEW  RITTAL  19"  CABINETS 
72/24/34  w/DOORS/SIDES  $650 
78/24/34  w/DOORS  $ 500 

ERGONOMIC  ENTERPRISES,  Inc 
47  WERMAN  CT. 
PLAINVIEW  NY  11803 
1 -877-4LAN-WAN  (452-6926) 
Inti:  001-516-293-5200 
fx  516-293-5325 
www.4lanwan.com 

rich@4lanwan.com 


in_ii\/ii 


See  the  entire 
Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods. 
Gifts  Pens.  Clocks. 
Lighters.  Games 


www.suitcase.com 


Products 
I  purchased  as 

cu  result  of 
Marketplace  axis. 


7  File  Servers 


BUY-SELL-TRADE-LEASE  NEW  &  USED 


Cisco  Avaya  Paradyne  IBM  Compaa  HP 
Networking  Computers  Telecom  Printers 
FREE  Warehousing  Inventory  Managment 

Buy  Back  Program  Volume  Purchasing 


www.EKcessStreet.com 

1'86?±E?DE  N  $880  Sign  Up  Bonus 

sales@ExcessStreet.com  see  website  for  details 


+ 1  40: 

OptimumDatalnc.  ^ox  +  ^  ^ 

www.optimumdata.com 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fax: +1  402575  2011 


I  1 20;  Day 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Networks 


For  iviore  Information 
on  advertising  In 
^etworfc  WodcFs  Marfce+Mace 
contact;  £nfco  Gufcale* 
800-bll-1108  ex*. 
e?utale@n  ww-cota 
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Buy,  Sell  or  Announce 


Network  Products 
and  Services  with 
Network  World's  Marketplace 
Call  800-622-1108  ext.  6507 
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IT  CAREERS 


0 


careers 


Senior  Programmer.  37  5 
hrs/wk.  8:30  a  m. -5:00  p.m., 
$65,000/yr.  The  Senior 
Programmer  will  perform 
Internet  Programming:  help 
write  and  maintain  complex 
application  programs  and  sys¬ 
tems  in  Visual  Basic,  SQL,  rela¬ 
tional  databases  such  as 
Oracle.  ASP,  DHTML,  HTML, 
JavaScript,  VB  Script,  and 
Actuate  at  the  highest  technical 
level,  develop  detailed  system 
design  and  programming  speci¬ 
fications  to  meet  information 
requirements  of  assigned 
departments,  and  resolve  sys¬ 
tems  problems.  The 
Programmer  evaluates  users' 
requests  for  new  or  modified 
computer  programs  to  deter¬ 
mine  feasibility,  cost  and  time 
required,  compatibility  with  cur¬ 
rent  system,  and  computer 
capabilities.  As  a  Senior 
Programmer,  this  position  func¬ 
tions  as  part  of  a  team  partici¬ 
pating  in  the  design  and 
enhancement  of  new  or  existing 
systems;  designing,  coding,  and 
testing  new  programs  and  modi¬ 
fications;  testing  of  existing  pro¬ 
grams;  interfacing  with  cus¬ 
tomers  to  assist  in  the  imple¬ 
mentation  of  work  requests; 
supporting  the  data  processing 
requirements  of  the  employer's 
companies  providing  customer 
support  for  production  systems 
and  participating  in  the  design 
and  implementation  of  applica¬ 
tion  software  packages;  provid¬ 
ing  support  to  the  various  cus¬ 
tomers  in  the  resolution  of  busi¬ 
ness  problems;  and  coding, 
debugging,  and  testing  applica¬ 
tion  programs  in  a  Windows 
95/NT  environment.  Minimum 
requirements  include  Bachelors 
or  equivalent  degree  in 
Engineering,  Computer  Science, 
Mathematics  or  Business  and  3 
years  experience  in  job  offered 
or  related  occupations  of 
Systems  Analyst  or 
Programmer/Software  Engineer 
Application  Developer  or  combi¬ 
nation  of  above.  Must  have  3 
years  experience  in  Visual 
Basic,  SQL,  Oracle,  and  HTML 
as  well  as  well  as  1  year  experi¬ 
ence  in  ASP.  JavaScript, 
Actuate,  DHTML,  and  VB  Script. 
Applicant  must  also  successfully 
pass  the  NCS  CPAB  (Computer 
Programmer  Aptitude  Battery) 
test  administered  by  Employer 
for  all  applicants.  Employer  Paid 
Ad  Send  resumes  to  P.O.  Box 
11170,  Detroit,  Michigan  48202. 
Reference  No.  202765. 


Application  Analysts  & 
Developers,  VA  &  OH. 
Software  (Reynolds  DMS  & 
auto  products)  apps  design  & 
development  using  Java, 
Visual  Inerdev,  VB,  VC++, 
Businessware,  SQL  Server 
2000  &  ASP/IIS  5.0.  Req.  BS 
in  comp  sci,  engg,  or  related 
field  &  1-2  years  of  exp  in  pro¬ 
gramming,  developing,  or 
analysis.  Resumes  to:  K. 
Cramer,  Reynolds  and 
Reynolds,  PO  Box  2608, 
Dayton.  OH  45401 


Software  Engineer 
Orefield.  PA.  Require  expe¬ 
rience  in  design  and  devel¬ 
opment  of  applications 
using  VisionPlus,  COGEN. 
COBOL,  CICS,  VSAMand 
JCL.  Relocation  within  USA 
possible.  Attractive  com¬ 
pensation  package. Multiple 
openings,  Send  resume  to 
Mali,  Gurus  IT  Services, 
1117  Linden  Hollow  Lane, 
Orefield.  PA  18069.  Email 
resume  to  : 
resume@gurusit.com 


Infinite  Computing  Systems  a 
Cedar  Rapids.  IA  company  is 
seeking  qualified  computer  pro¬ 
fessionals  for  our  growing  team. 
Current  available  positions  must 
meet  the  following  minimum 
requirements.  All  positions  require 
at  least  a  Bachelors  degree  (for¬ 
eign  Bachelor  degrees  are 
acceptable): 

•  At  least  1  yr  exp  as  a  computer 
professional,  including  at  least  1 
yr  exp  in  Harris  transformer. 
Expeditor.  IDMS,  DB2,  UNIX. 
Fortran,  C++,  File  Aid,  and  IMS 
DB/DC. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  not 

less  than  1  yrs  exp.  in  EasyTreive, 
QMF,  MF-CICS.  MF-COBOL. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  5  yrs 

exp.  in  C,  C++,  VC++,  Oracle, 
GUI,  SQL  Server  and  at  least  2 
yrs  exp  leading  and  managing 
professionals  in  developing, 
installing,  and  maintaining  com¬ 
puter  applications  and  systems. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  not  less 
than  2  yrs  exp  in  Rational  Rose, 
DB2,  EJB,  Java,  Websphere, 
Visual  Age. 

•  At  least  2  yrs  exp  as  a  computer 
professional,  including  2  yrs 

exp  in  MS-Translation  Server, 
Visual  basic,  Developer2000, 
MAGIC,  Oracle,  and  SQL  Server 
and  at  least  6  mos.  experience  in 
Dream  Weaver,  PowerBuilder  and 
Sybase. 

•  At  least  3  yrs  exp  as  a  computer 
professional,  including  2  yrs 

exp  in  SAP,  Java,  HTML,  ABAP, 
BEA  Weblogic.  and  1  yr  exp  in 
Webmethods  B2B  Server  and 
Enterprise  Server,  EDI,  and 
Cognos  Power  Play. 

•  At  least  2  yrs  exp  as  a  computer 
professional,  including  2  yrs 

exp  in  Formware,  ICR/OR  recog¬ 
nition  technology.  Imaging, 
Document  management,  File  Net, 
PC-Docs,  Visual  Basic,  Java,  and 
SQL  Server. 

Candidate's  salary  relative  to 
experience  and  skills.  Multiple 
positions  may  be  available  for 
some  positions.  Candidates  must 
be  willing  to  travel  and  relocate  as 
needed. 

Please  send  resume  and  cover 
letter  to:  Janet  McVay,  Admini¬ 
stration  Manager,  Infinite 
Computing  Systems,  Inc. ,230 
Second  Street  SE,  Suite  214, 
Cedar  Rapids,  Iowa  52401 


Programmer/Analysts  &  Soft¬ 
ware  Developers,  Delphi  wanted 
for  multiple  positions.  Will  be 
assigned  to  various  client  sites 
throughout  the  United  States  to 
program,  analyze,  test,  trou¬ 
bleshoot  and  develop  Delphi 
software  as  a  front  end  for  use  in 
multiple  RDBM  (such  as  Foxpro, 
Oracle,  Interbase  and  Sybase) 
legacy  informational  systems 
installed  in  a  distributed  client 
server  environment  including 
implementation  in  an  intra/inter- 
net  environment.  May  use  tools 
such  as  MIDAS,  SOAP, 
COM/DCOM,  Object  Pascal, 
ASP,  ADO,  XML,  Web  Logic 
Server,  T-SQL,  COBRA,  DLL, 
TOAD,  Quick  Reports,  IIS, 
Swing,  JSP,  or  CSS  as  required 
in  performance  of  duties 
Requires  Bachelor's  Degree  in 
Computer  Science,  Math,  any 
Engineering  field,  any  Physical 
Science  or  any  related  field. 
Also  requires  one  year  direct 
experience.  We  also  have  sim¬ 
ilar  positions  available  for  multi¬ 
ple  Java  Developers  who  may 
be  required  to  use  J  Builder,  J 
Developer,  Weblogic,  Web¬ 
sphere,  JDK,  EJB,  ETL,  Java 
Swing,  Corba,  Jdbc,  or 
XML/XSLT  as  dictated  by  partic¬ 
ular  project  assignments.  One 
more  position  available  for 
Database  Systems  Analyst, 
Datawarehousing,  using  Infor¬ 
matics.  Cognos,  PowerPlay, 
Impromptu  and  Microstrategy, 
and  one  position  available  as  a 
Mainframe  Programmer/Analyst 
using  SPUFI,  QMF,  Abendaid, 
Savrs,  and  Assembler.  All  posi¬ 
tions  require  a  Bachelor's 
Degree  in  one  of  the  fields  men¬ 
tioned  above  and  one  year 
experience  in  the  job  to  be  per¬ 
formed.  For  Delphi  positions 
please  send  resume  (no  calls)  to 
Delphi  HR,  Genome 
International  Corp.,  583 
D'Onofrio  Dr.,  Madison,  Wl 
53719.  For  other  positions, 
please  send  resumes  (no  calls) 
to  HR,  Genome  International 
Corp.,  583  D'Onofrio  Dr., 
Madison,  Wl  53719.  Applicants 
must  have  authorization  to  work 
permanently  in  the  United 
States. 


Quad/Graphics:  SOFTWARE 
DEVELOPERS:  Sussex,  Wl, 
Job  Title:  SOFTWARE  DEVEL¬ 
OPERS.  Job  Type:  Full-time. 
Company  Name:  Quad/ 

Graphics,  Sussex,  Wisconsin, 
Country:  USA,  53089.  N63 
W23075  Main  St  Sussex,  Wl. 
53089. 

Selected  candidates  will  be  part 
of  team  responsible  for  full-life 
cycle  software  development. 
BS  in  Computer  Science  or 
related  major  required  for  all 
positions.  Additional  require¬ 
ments  for:  Software  Developer  - 
experience  with  OO  program¬ 
ming  (C++,  Java,  PowerBuilder) 
plus  relational  database  (SQL). 
Programmer  Analyst  I  -  experi¬ 
ence  using  Powerhouse,  VB 
and  SQL/Oracle  DB.  Overtime 
as  needed,  including  evening/ 
weekend  hours  to  support  24/7 
operations  and  minimize  user 
disruption. 


SYSTEM  ANALYST/PRO- 
GFtAMMER.  Gather  and  model 
user  requirements  through  busi¬ 
ness  process  modeling  &  use 
cases  in  a  modeling  tool  &  to 
design  application  services  in 
UML  using  Object  Oriented 
analysis  and  Design  techniques. 
Requires  B  S  C  S,  or  equiv., 
plus  4  year  exp.  In  computer 
analysis,  design  &  coding,  to 
include  2  year  exp.  In  document¬ 
ing  requirements  in  design  mod¬ 
els  for  web  application,  and 
designing  and  developing  web 
applications  using  Microsoft 
tools,  including  Visual  Studio. 
Visual  Basic  Interdev,  COM  & 
SQL  Server  Knowledge  of  MTS 
&  XML  required  Job  &  interview 
in  Lakeland,  FL  Competitive 
salary  Send  resume  to  Attn:  IT 
Placement  Office,  Publix  Super 
Markets,  Inc.,  P.O  Box  32015, 
Lakeland,  FL  33802  EOE. 


COMSYS  is  an  established  IT 
consulting  firm  that  serves  lead¬ 
ing  corporations  including  174 
of  the  Fortune  500.  With  COM¬ 
SYS,  you  get:  Extensive 
Benefits,  Additional  Compen¬ 
sation  for  referrals,  and 
Professional  Challenges  with 
training  and  assignments  to 
keep  you  at  the  forefront  of 
technology.  With  over  30 
offices,  we  need  the  services  of 
experienced  consultants  across 
the  US: 

•  Computer  Programmers 

•  Programmer  Analysts 

•  Systems  Analyst 

•  Software  Engineers 

•  User  Support  Specialists 

•  BA's 

•  Business  Analysts 

•  Project  Leaders 


( COMSYS 


Submit  resume  to: 

COMSYS 
3030  LBJ  Freeway 
Suite  905 
Dallas,  TX  75234 
www.comsys.com 
Fax:  972-960-0914 
EOE/M/F/DV 


PEOPLE  WITH  THE  FOLLOW¬ 
ING  SKILLS  NEEDED  FOR 
ASSIGNMENTS  THROUGH¬ 
OUT  THE  USA.  ORACLE. 
SYBASE,  POWERBUILDER, 
AS400,  PROGRESS,  UNIX 
SYS  ADMIN,  NATURAL,  SQL/ 
SERVER,  JAVA,  INGRES, 
SAS,  VB,  HTML.  PLEASE 
MAIL  RESUME  TO  DIR. 
RECRUITING,  Skillsoft  Inc.. 
20283  State  Road  7,  Suite  300, 
Boca  Raton.  FL  33498,  U.S.A. 
www.skillsoftusa.com 


Programmer/Analysts  (KPG. 
Inc.,  Metro  STL):  1)  Mainframe 
position:  test,  and  implement 
sys  apps.  using  MVS, 
TSO/ISPF  Panvalet,  JCL, 
COBOL.  Assembler,  Lotus 
Notes,  Windows  NT,  SNA,  and 
X.25;  perform  abends/core 
dumps  analysis,  debugging  and 
test  scripts.  2)  Web  Apps.  posi¬ 
tion:  develop  modules  using 
ODBC,  ASP  and  Stored 
Procedure:  write  SQL  calls 
against  MSSQL  dbs; 
develop/maintain  Client's 
Search  Engine;  design  Client's 
Register  Forms  using  ASP, 
VBScript,  JavaScript,  COM 
Object  on  Win/2000:  plan 
Intranet  project  using  Java 
Beans,  JSP  and  JavaAWT: 
design  artwork  w/  3D  Studio 
Max,  Photoshop  and  Illustrator. 
Req.  BS/BA  or  the  equiv.  in  CS, 
EE,  CIS  or  MIS  plus  min. 6  mon. 
exp.  Full  time/competitive  salary. 
Resumetoad@kpginc.com.  No 
calls. 


ORACLE  SYSTEMS  ANALYST: 
Implement  Oracle  based  com¬ 
puter  system  using  Oracle 
Financial  &  Developer  2000 
software  together  with  Visual 
Basic  &  Java  programming  lan¬ 
guages  for  Accounting, 
Marketing  &  Human  Resource 
Depts;  test  system  for  req.  spec¬ 
ifications;  generate  &  document 
protocols  for  end  user  Co. 
employees;  create  and  imple¬ 
ment  WEB  based  business 
model  to  enable  Co.  to  competi¬ 
tively  market  its  400  products  on 
internet;  create  LAN.  Requires: 
BS  in  Management  Information 
Systems  or  equivalent,  and  1  yr. 
exp.  In  position.  Sal.  $50,000/yr. 
Send  resume  to  Human 
Resource  Director,  SMG  Inc.,  30 
W  250  Butterfield  Rd,  Ste  310, 
Warrenville,  IL  60555. 


OH  Insurance  Co.  seeks 

Analyst  II  to  work  with  process 
teams  to  define  process 

requirements  &  model  workflow. 
Conduct  research  utilizing  data 
extraction,  statistical  analysis 
techniques  to  test  process  vari¬ 
ables,  analyze  trends,  identify 
issues  &  opportunities,  and 
summarize  results  for  manage¬ 
ment  consideration.  Candidate 
must  possess:  Bachelors 
degree,  or  equiv.,  in  Finance, 
Statistics  or  Electronics 
Engineering  and  min.  2  years  of 
related  work  experience.  Exp. 
with  IBM  Mainframe,  JCL,  File 
Aid,  ISPF,  SQL,  DB2,  and  MS 
Excel  required.  Aptitude  for  criti¬ 
cal  thinking,  problem  resolution, 
project  management,  analytical 
skills  and  the  ability  to  translate 
analytical  results  to  decision 
making.  First  party  applicants 
only,  send  Resumes  to  HR 
Department,  6055  Parkland 
Blvd..  Mayfield  Heights,  OH, 
Box  EM  12  ad  code  CC1.  No 
calls.  Equal  Opportunity 
Employer  M/F/D/V. 


NEED  TO  HIRE? 

START  WITH 
US! 


ITcareers.com  reach 
more  than  2/3  of  all  US 
IT  workers  every  week. 
If  you  need  to  hire  top 
talent,  start  by  hiring  us. 

Call  your  ITcareers 
Sales  Representative  or 
Nancy  Percival  at 
1-800-762-2977. 


ITcareers 

whara  tha  bast  gal  battar 


Sure 

NetworkWorld, 

COMPUTERWORLD, 
AND  INFOWORLD 

Help  You  Do 
A  Better  Job. 

Now  Let  Us  Help 
You  Get  One. 

Call: 

1-800-762-2977 

(£}  careers 
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Software  Systems  Developer 
for  Wren  Medical  Systems, 
Inc.,  Gurnee,  IL.  Will  create 
internet  links  for  remote 
retrieval  of  equipments  and 
products;  develop  new  pro¬ 
grams;  and  a  load  cell/soft¬ 
ware  interface  device  using 
Visual  Basic,  C++,  C,  Smart 
Card  Systems,  Xilinx,  VHDL, 
and  Embedded  Systems. 
Competitive  salary.  Please 
send  one  resume  &  cover  let¬ 
ter  (no  calls)  to  Mike  Ward, 
101  Ambrogio  Dr.,  Ste.  A, 
Gurnee,  IL  60031 


Business  Intelligence  Consul¬ 
tant:  Chicago  Develop  front- 
end  client  solutions  using  inte¬ 
grated  business  analytics 
(Informatica  PowerMart)  and 
business  intelligence  solution 
tools  (Brio  Performance  Suite) 
for  data  query,  analysis,  enter¬ 
prise  reporting  and  global  infor¬ 
mation  delivery;  data  warehous¬ 
ing  extraction,  transformation 
and  Load  (ETL)  process.  Use 
RDB  (including  3nf,  start  and 
snow  flake  schema),  Java,  ASP, 
C++,  SQL  and  case  tools. 
Requires  BS  computer  science 
or  IS  and  education  or  experi¬ 
ence  in  data  warehousing  and 
mining.  Email  resumes  to: 
recruit@activeinterest.com 


S/W  Engineer 

Design,  develop,  implement  & 
support  busin./tech.  info,  tech¬ 
nology  solution  encompassing 
multiple  specialization,  platforms 
&  technologies  including 
Windows  (C++,  VB  and  .NET), 
Palm  OS  (C++),  Pocket  PC 
(C++),  COM+,  ASP,  XML/XSLT 
and  SQL  Server.  Req:  MS  in 
Elect.  Eng.,  Comp.  Eng.  or 
Comp.  Sci.  40  hr/wk. 
Job/Interview  Site:  Peabody, 
MA.  Send  resume  to  Security 
Source,  Inc.,  One  Centennial 
Drive.  Peabody,  MA  01960, 
Attention:  Human  Resources. 


Analyst/Architect  sought  by 
NJ  based  Securities  Dealer 
for  position  in  Chicago 
office.  Must  possess 
Bachelor's  degree  or  equiv¬ 
alent  in  Computer  Science 
or  directly  related  field  and 
5  years  exp.  in  software 
development/design/analy¬ 
sis.  Exp.  must  include 
C/C++,  JAVA.  Respond  to: 
Human  Resources  Depart¬ 
ment  #KFP02-98:  Knight 
Financial  Products,  130 
Cheshire  Lane,  Suite  102, 
Minnetonka,  MN  55305. 


Director  of  Sales  &  Consulting. 
Manage  sales  &  bus.  develop¬ 
ment  activities  of  ERP  software 
product;  Support  sales  person¬ 
nel  w/  business  analysis  &  tech¬ 
nical  expertise;  Manage  imple¬ 
mentation  process  of  ERP  soft¬ 
ware  for  internal  &  external  cus¬ 
tomers;  Manage  key  customer 
accounts;  Act  as  liaison 
between  sales  department  &  for¬ 
eign  based  R&D  dept.  Requires 
MBA.  w /  Bachelor's  in  Science 
or  Engineering,  plus  two  yrs. 
exp.  managing  ERP  systems 
implementation  projects.  Mail 
resumes:  Human  Resources, 
QlikTech  Inc.,  3737  Glenwood 
Ave.,  Ste.  100,  Raleigh,  NC 
27612 


Technical  Support  Specialist: 
Maintain  computer  system 
files  &  servers;  trouble  shoot  & 
expand  internal  network/work 
stations;  interact  with  cus¬ 
tomers  to  obtain  computer 
graphical  files;  coordinate  e- 
meetings;  install,  maintain  & 
implement  networking/ 
servers;  provide  training. 
Req.:  2  yrs  in  job  offered  or  2 
yrs  in  related  occupation. 
Send  resume  to  Stand-Out 
Services  #726,  3162  Johnson 
Ferry  Rd.  Ste  260,  Marietta, 
GA  30062.  Ref  MS 


Every  day  hiring  managers  turn  to 
ITcareers.com  for  the  best  IT  candi- 
dates.They  know  us  and  they  know 
we  can  deliver. 


If  you  want  a  better  challenge,  we 
challenge  you  to  find  a  better  IT 
career  site  than  ITcareers.com. 


IT  Support  Analyst.  Wachovia 
Corp.  Charlotte.  NC  Manage  IT 
project  initiatives  ind.  system 
implementation  and  system 
upgrading  within  the  futures 
clearing  and  the  equity  deriva¬ 
tives  groups.  Maintain  data 
integrity  as  well  as  functionality 
within  Sungard  GMI.  Reqs.  BA 
in  Finance  or  MIS  &  3  yrs  exp. 
which  must  ind.  work  w/  futures 
clearing  services  &  settlements 
&  equity  derivatives  operations 
including  equity  swaps  &  equity 
OTC  options  and  must  have  ind. 
work  w /  Sunguard  GMI  software 
or  another  software  package 
that  manages  futures  &  options 
positions.  40hrs/wk,  Send 
resume  &  cvr.  Itr.  to  Sheri  Izzo. 
301  S.  College  Str.,  NC1 115, 
Charlotte,  NC  28288.  No  phone 
calls  please. 


Software  Engineers  & 
Programmers:  Design, 

develop,  test  and  imple¬ 
ment  specialized  ERP  and 
CRM  applications  in  JD 
Edwards  One  World  and 
related  tools,  XML,  C,  RPG, 
SQL  Server,  and  DB2/400. 
Prevailing  wage/benefits. 
Triton  Infotech,  Inc.,  Attn: 
HR,  Silverside  Carr 
Executive  Center,  501 
Silverside  Road,  Suite  139, 
Wilmington,  DE  19809.  No 
Phone  calls  please.  EOE. 


Database  Analyst  wanted  to 
analyze,  develop  and  main¬ 
tain  reports  and  various  pro¬ 
grams.  Must  have  a 

Bachelor’s  degree  or  foreign 
equivalent  degree  in  Business 
Administration,  Computer 
Science  or  a  related  field  and 
at  least  1  year  of  experience 
in  application  development 
or  business  analysis. 

Experience  must  include 
SQL.  Mail  resumes  to 
Recruiting  Director  @  Virgin 
Mobile  USA,  LLC,  10 

Independence  Blvd.,  Warren, 
NJ  07059. 


Corpus  is  seeking  IT  profession¬ 
als/engineers.  Qualified  appli¬ 
cants  must  have  BS  with  lyr/min 
exp.  Skills  in  SQL,  PL/SQL, 
COBOL,  C/C++,  VB,  SAP, 
TCP/IP,  NT,  Java,  XML,  COBOL, 
ERP  (PeopleSoft,  AR/AP),  XSL, 
ASP,  Oracle  are  plus.  Sent 
resume  to  info@corpusinc.com. 
EOE 

Engineer  /  Programmer  wanted 
by  Eagle  Technology.  Resp¬ 
onsible  for  Java,  client/server 
programming;  create  triggers, 
write  code,  use  VB,  Oracle, 
PL/SQL,  Transact/SQL.  Require 
BS  or  equivalent  with  1-yr  exp. 
Email  resume  to: 
stacy@eaglecmms.com.  EOE 


Software  Engineer:  Researches 
develops  computer  graphics 
software  for  import/export  of 
Macintosh/Windows  vector/ 
raster  using  C/C++  under  MS 
Visual  Studio;  develops/tests 
tech,  drawing  features  according 
to  national/int'l  drawing  stds.; 
works  on  the  internalization  of 
products  using  Unicode/multi¬ 
byte  processing  in  various  lan¬ 
guage/regional  environments, 
including  Far-Eastern  countries. 
Req.  Bach,  in  Engineering, 
rel./equiv.  &  4  yrs.  exp.  Resume: 
J.  Miranda,  Deneba  Software 
Inc.,  1150  NW  72nd  Ave,  Suite 
180.  Miami,  FL  33126.  No  calls. 


Software  Engineer  to  design, 
develop  and  test  microproces¬ 
sor-based  industrial  analytical 
instrumentation.  Will  work  as 
part  of  a  team  of  engineers 
designing  and  developing  next 
generation  of  products  for  analy¬ 
sis  and  control  of  water  treat¬ 
ment,  waste  water  treatment, 
and  plating  applications.  Will 
develop  cross  platform  multi-tier 
real-time  embedded  applica¬ 
tions.  Will  design  intelligent  web 
based  applications  backed  by 
databases.  Requires  Bachelor's 
Degree  in  C.S.  or  Electrical  Eng. 
and  one  (1)  year  experience  in 
job  offered  or  one  (1 )  year  expe¬ 
rience  in  software  research  or 
development.  Candidate  must 
also  possess  demonstrated 
expertise  using  C/C++  program¬ 
ming  language;  and  demonstrat¬ 
ed  expertise  in  real-time  operat¬ 
ing  systems.  Salary  $67,200/yr; 
Mon-Fri,  9:00AM-5:00PM. 
Submit  two  (2)  copies  of  resume 
to  Case  #2001-13154,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  FI.,  Boston,  MA 
021 14.  EOE.  Applicants  must  be 
U.S.  workers  eligible  to  accept 
employment  in  the  United  State 
on  a  full-time  basis. 


Software  Specialist  II.  Analyze 
&  validate  system  requirements 
for  client-server  &  mainframe- 
based  software  applications 
including  the  Wheatley 
Insurance  System.  Perform 
coding  &  data  conversion  activi¬ 
ties,  conduct  performance  test¬ 
ing,  &  provide  technical  support 
to  ensure  that  systems  &  cus¬ 
tomer  requirements  are  met. 
Identify  potential  problems  with 
application  systems  perfor¬ 
mance,  file  structures,  databas¬ 
es  &  systems  integration,  & 
interact  with  Information 
Systems  personnel  &  users  to 
provide  technical  solutions.  BS 
in  Computer  Science, 
Engineering,  Mathematics,  or  a 
related  field  &  2  yrs  exp.  in  job 
offered  or  related  occupation. 
Experience  must  include  one 
year  using  technologies  such  as 
DB2,  IBM  Visual  Age  Java  & 
Websphere  with  the  Wheatley 
Insurance  System.  Applicant 
must  be  bondable  &  drug 
screening  required.  40  hrs/wk., 
$60,000/yr.  Must  have  proof  of 
legal  authority  to  work  in  the 
United  States.  Send  your 
resume  to  the  Iowa  Workforce 
Center,  215  Watson  Powell  Jr. 
Way,  Des  Moines,  Iowa  50309- 
1727.  Please  refer  to  Job  Order 
IA1101644.  Employer  paid 
advertisement. 


Legal  services  information  com¬ 
pany  with  offices  in  Houston,  TX 
has  openings  for  senior  software 
engrs  &  software  engrs  with  exp 
in  the  following:  J2EE,  Java  2, 
EJB,  JRun,  Pro*C,  Lazorfische, 
Kofax,  Nouveau,  IIS,  MTS, 
Oracle,  MS  SQL,  ASP,  VB. 
MSMQ.  VBScript,  Javascript. 
MS  Biztalk  Server,  MS 
Commerce  Server,  COM+, 
HTML,  XML,  C#  &  the  DotNet 
framework.  Analyze,  design, 
develop,  test  and  support  web- 
based  e-commerce  applications. 
Resumes  to  CCH  Legal 
Information  Services,  1 1 1  Eighth 
Ave,  NY,  NY  10011. 


Software  Engineer:  Must  have 
B.S.  Degree  or  equivalent  in  a 
computer  related  field  and  5 
years  of  progressive  work  expe¬ 
rience  as  a  programmer  analyst 
or  related  field.  Programmer 
Analyst:  Must  have  B.S.  Degree 
or  equivalent  in  a  computer 
related  field  and  3  years  of  pro¬ 
gressive  work  experience  as  a 
software  engineer  or  related 
field.  Location:  300  N.  Dakota 
Avenue,  #208,  Sioux  Falls.  SD 
57104.  Send  CV  to  Attn: 
Madhukar  Gangadi,  TechNation 
Software  Consulting,  Inc,  at  Fax: 
605-338-7507or 
madhukar@tnscinc.com 


Sycamore  Networks,  Inc  .  is  the 
leader  in  Intelligent  Optical 
Networking.  Out  products  are 
laying  the  foundation  for  the  next 
generation  telecommunications 
infrastructure  by  bringing  intelli¬ 
gence  to  the  massive  installed 
public  fiber  optic  network  We 
have  the  following  positions 
available  at  our  office  in 
Chelmsford.  MA: 

•  Vice  President.  Worldwide 
Sales  and  Support 

•  Vice  President,  Sales  - 
Americas 

•  Director,  System  Engineering 

•  Account  Manager  -  East 
Coast 

The  aforementioned  positions 
require  a  minimum  of  a  B.S., 
M.S.  or  equivalent  experience, 
and  3-8  years  of  industry  experi¬ 
ence. 

For  all  positions,  send  resumes 
to:  Staffing,  Sycamore 

Networks,  220  Mill  Road, 
Chelmsford.  MA  01824,  Fax: 
(978)  256-3434,  OR 
e-mail: 

resume@sycamorenet.com 
We  are  an  equal  opportunity 
employer. 


Aphelion,  Inc.,  located  in  Texas. 
We  provide  leading  solutions  in 
fitness  and  health  club  manage¬ 
ment  software,  including  e-com¬ 
merce.  We  currently  have  the 
following  positions  available: 

Software  Engineers:  Research, 
design,  analyze  and  develop 
computer  and  business  prob¬ 
lems  of  existing  and  proposed 
systems.  Must  have  knowledge 
in  ASP,  JavaScript,  VBScript, 
SQLServer2000,  VB.NET, 
ASP.NET,  ADO.NET.  Web 
Sen/ices,  XML.  COM,  Crystal 
reports.  Must  have  experience 
with  client-server  distributed 
Internet  based  projects,  includ¬ 
ing  e-Commerce  applications. 
Need  Master's  degree  in 
Engineering,  Computer  Science  or 
related  field,  and  1  year  of  expe¬ 
rience. 

Reg  Berka,  1100  Nasa  Rd  1. 
Suite  606,  Houston,  Texas 
77058  or  email  to: 
rberka@aphelion.net 


Chief  Information  Officer 
sought  by  NJ  based 
Securities  Dealer  for  posi¬ 
tion  in  Chicago  office.  Must 
possess  Bachelor's  degree 
or  equivalent  in  Computer 
Science  or  directly  related 
field  and  5  years  exp.  in  soft¬ 
ware  development/design/ 
analysis.  Exp.  must  include 
C/C++,  JAVA.  Respond  to: 
Human  Resources  Depart¬ 
ment:  KFP02-99:  Knight 
Financial  Products,  130 
Cheshire  Lane,  Suite  102, 
Minnetonka,  MN  55035. 


Computer  Programmer: 
Customize  corporate  LOS 
using  C;  design  &  implement 
web  application  for  online 
loan  application  using 
ASP/COM  &  Stored  Proc¬ 
edures;  publish  Crystal 
Reports  on  intranet  using 
RDC  Req  Master's  degree  in 
CIS,  CS  or  related  discipline 
plus  2  yr  work  exp.  in  C,  RDC, 
ASP/COM  and  Stored 
Procedures.  Hrs:  8a-5p,  M-F 
Send  resume  to  Homester 
Mortgage  Services,  LLC  400 
Northridge  Rd.  Suite  650 
Atlanta.  GA  30350.  Ref  TY 
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Paymap,  Inc.,  a  Division  of  First 
Data  Corporation,  a  company  in 
Greenwood  Village,  CO  special¬ 
izing  in  e-commerce  transaction 
payment  services,  has  an  open¬ 
ing  for  a  Software  Quality 
Assurance  Analyst  to  work  in 
San  Francisco,  CA  and  other 
unanticipated  job  sites  in  the 
U  S  Perform  quality  assurance 
of  client-server  financial  and 
back-end  applications  in  a  multi- 
bianch.  multi-user  environment. 
Requires  a  bachelor’s  degree  in 
computer  science  or  business 
with  a  concentration  in  finance; 
1  yr.  exp  as  software  quality 
assurance  analyst  for  Money 
Management  software,  and 
working  knowledge  of  UNIX, 
SQL  Server,  Oracle  relational 
database,  Sanchez  Profile,  PFW 
banking  applications.  Oracle 
Financials,  NACHA  rules,  GAAP 
(G/L,  A IP,  A/R  modules),  rev¬ 
enue  recognition,  financial 
reporting;  and  Rational  or  Silk. 
Respond  by  resume  to  Norm 
Barnett.  First  Data  Corporation, 
6200  S.  Quebec  St..  Greenwood 
Village,  CO  80111  and  refer  to 
job  #4440QS. 


Applications  Support  Analyst, 
Ontario,  CA.  Consult  w /  SAP 
consultants  to  identify  &  ana¬ 
lyze  SAP  processes  &  issues. 
Redefine  SAP  processes  & 
recommend  &  help  implement 
changes.  Change,  maintain  & 
document  Warehouse  SAP 
processes  as  per  ISO  9002. 
Assist  QA  Dept.  &  processes,  & 
act  as  Internal  ISO  Auditor  for 
Configuration  Ctr.  "Write  up” 
user  needs,  prog,  functions,  & 
steps  to  develop/modify  rele¬ 
vant  programs  &  syst;  prepare 
workflow  charts  &  diagrams  re 
same.  Assist  in  resolving  work 
problems  re:  flow  charts,  pro¬ 
ject  specs,  programming.  BS 
or  equiv  +  1  yr  experience,  incl. 
QA.  Fluent  SAP  R/3.  AllClear, 
Visual  C++  &  C++,  HTML,  ASP, 
Rational  Rose.  Send  resume 
to  VP,  HR,  En  Pointe 
Technologies,  100  N. 
Sepulveda  Blvd.,  19th  FI.,  El 
Segundo,  CA  90245. 


Spiral  Aviation  Training  Comp¬ 
any  has  an  opening  in  our 
Englewood,  CO  office  for  a 
Flight  Simulator  Engineer  to 
design  and  develop  visual  inter¬ 
faces.  instructor  facility  station 
interfaces  and  various  aircraft 
system  applications  for  full  flight 
simulators  of  Boeing  737  and 
other  aircrafts.  Successful  can¬ 
didates  will  have  a  bachelor's  or 
foreign  equivalent  in  Computer 
Science,  Engineering  or  related 
field  (including  Civil  Engin¬ 
eering)  and  five  years  experi¬ 
ence  designing  and  developing 
interfaces  or  computer  applica¬ 
tion  systems  in  Unix  and/or 
Windows  environment  for  full 
flight  simulators.  Candidate 
must  also  have  working  knowl¬ 
edge  of  Powersoft  Power  ++ 
and  Jeppesen.  Respond  by 
resume  to  SATCO,  7347  S 
Revere  Pkwy.,  B300, 
Englewood,  CO  80112. 


Technical  Lead  using 
Oracle  &  PL/SQL.  BS  or 
equiv  Eng'g  or  Comp 
Sci  +  5  yrs  exp  -or-  MS 
Eng'g  or  Comp  Sci. 
Salary  DOE.  Resume 
to  M.  Cardenas,  Warner 
Music  Group,  3400 
Riverside  Dr.,  6th  FI., 
Burbank,  CA,  91505. 
Ref  Ad#  434.  Principals 
only.  Legal  work  auth 
req'd.  EOE 


Software  Dev  Engineer  - 
Design,  code,  test,  &  maintain 
software  related  to  user  inter¬ 
face-related  technologies  &  pro¬ 
jects  using  C/C++,  Pro  C,  Unix, 
GUI  development,  Oracle  data¬ 
base,  TCP/IP,  and  PL/SQL. 
Apply  principles,  theories,  & 
concepts  &  use  methodologies, 
tools,  documentation  processes, 
&  test  procedures  to  complete 
projects.  B.S.  in  Comp  Sci  or 
related  field  plus  working  knowl¬ 
edge  of  C/C++,  Pro  C,  Unix,  GUI 
development.  Oracle,  TCP/IP,  & 
PL/SQL.  Denver,  CO.  M-F. 
8am-5pm.  $70k/yr.  Application 
by  resume  only  to:  Employment 
Programs,  PO  Box  46547, 
Denver,  CO  80202  Ref 
Order#CO5033044 


Sr.  Software  Engr-Develop 
IP  cores  for  multimedia  LSIs 
&  ASICs  &  write  device  dri¬ 
vers  using  SCSI  &  FCIP  pro¬ 
tocols.  Debug  h/ware/s/ware 
for  USB-to-ATAPI  device 
designs  using  logic  analyz¬ 
ers  &  oscilloscopes.  Write 
device  drivers  on  BSDI  & 
LINUX  operating  systems. 
Bach's  deg  in  Comp  Sci, 
Physics  or  Elec  Engrg  reqd  + 
4  yrs  s/ware  engrg  exp.  Fax 
resumes  to:  408-551-4490. 
Attn:  Mgr  of  Operations. 


Computer  Professionals 
needed  w/exp  in:  using 
Java,  EJB,  XML,  JSP, 
Weblogic,  Websphere, 
Oracle,  DB2,  Sybase, 
Informix,  C,  C++,  Visual 
Basic,  SQL  Server,  XSL 
and  Tomcat.  Send 
resumes  to:  Boniva 
Software,  Inc.,  2620 
Augustine  Drive,  Suite 
#238,  Santa  Clara,  CA 
95054. 


Jr.  Programmer  Analyst.  Asst 
in  writing  programs  in 
progress,  4GL  &  Webspeed 
using  UNIX,  Windows  Xp 
operating  systems  for  EDI 
850/856  mapping  &  using 
X12  standard.  Provide  sup¬ 
port  for  internet  production 
tools.  Req:  Bachelors  in 
Comp.  Sci.,  Comp.  Eng.  or 
Electronics  Eng.  40  hr/wk. 
Job/Interview  Site:  Brea,  CA 
Send  resume  to  Kirkhill 
Aircraft  Parts  Company,  P.O. 
Box  3500,  Brea,  CA  92822. 


Software  Engineer-Develop 
and  maintain  mgmt  systems 
utilizing  VC++,  Java  Servlets, 
JSP,  Java  Beans,  Web¬ 
sphere,  Oracle,  etc.  Construct 
systems  and  database  man¬ 
agement  via  internet/intranet- 
based  multi-user  apps.  & 
multi-tiered  client/server  dev¬ 
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Maintain  and  configure  data¬ 
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resume  to:  Whale  Enterprise, 
5730  Oakbrook  Pkwy.,  Ste 
175,  Norcross,  GA,  30093. 
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Winning  with  Linux®  and  Intel?  Online  diversified  financial  services  company  E*TRADE  Group,  Inc.,  has  just 
installed  90  IBM  (©server  xSeries™  servers  running  Linux  to  support  their  E*TRADE  Financial  Web  site. 
Why?  Ease  of  use  and  Linux  driven  affordability  and  scalability.  Select  xSeries  models  feature  the  Intel  Xeon™ 
processor  to  give  you  superior  performance  and  cost-effectiveness.  To  receive  a  complimentary  IDC  white  paper 
on  how  to  reduce  TOO  with  Linux,  head  over  to  ibm.com/eserver/etrade  4  fa  phy  jb 
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The  total  information  monster 


i 


n  the  Fox  News  story  “Pentagon  to 
Track  American  Consumer  Pur¬ 
chases”  it  was  reported  the 
Pentagon  said,  “A  massive  database 
that  the  government  will  use  to  mon¬ 
itor  every  purchase  made  by  every 
American  citizen  is  a  necessary  tool 
in  the  war  on  terror” 

The  idea  behind  the  government’s  proposed  data¬ 
base  is,  according  to  Edward  Aldridge,  undersecre¬ 
tary  of  Acquisitions  and  Technology  to  look  for  “pat¬ 
terns  indicative  of  terrorist  activity 

Aldridge  said  the  government  would  be  looking 
for  “sudden  and  large  cash  withdrawals,  one-way  air 
or  rail  travel,  rental  car  transactions  and  purchases 
of  firearms,  chemicals  or  agents  that  could  be  used 
to  produce  biological  or  chemical  weapons.” 

Moreover,  this  database  is  to  integrate  that  con¬ 
sumer  data  with  visa  and  passport  records,  arrest 
records  and  reports  of  suspicious  activity  given  to 
law  enforcement  or  intelligence  services. 

It  is  hard  to  say  how  big  such  a  system  would  be. 
The  storage  certainly  would  be  up  in  the  petabyte 
region  and  the  processing  power  required  would  be 
staggering  even  to  handle  basic  cross-referencing,  let 
alone  pattern  analysis. 

And  who  will  be  in  charge  of  this  behemoth?  Well, 
President  Reagans  former  national  security  adviser, 


retired  Rear  Adm.  John  Fbindexter,  is  developing  the 
database  under  the  Total  Information  Awareness 
(T1A)  program. 

Poindexter  was  a  player  in  the  Iran-Contra  investi¬ 
gation.  He  was  convicted  in  1990  on  five  counts  of 
lying  to  Congress,  making  false  statements,  destroy¬ 
ing  documents  and  obstructing  inquiries. 

A  Nov  12  story  in  The  Washington  Post  noted  that 
“[Poindexter]  was  sentenced  to  six  months  in  jail  by 
a  federal  judge  who  called  him  ‘the  decision-making 
head’  of  a  scheme  to  deceive  Congress.The  U.S. 
Court  of  Appeals  overturned  that  conviction  in  1991, 
saying  Poindexter’s  rights  had  been  violated  through 
the  use  of  testimony  he  had  given  to  Congress  after 
being  granted  immunity’ 

Even  though  the  convictions  were  overturned, 
wouldn’t  you  think  someone  charged  with  develop¬ 
ing  the  most-sensitive  public  data  warehouse  ever 
would  need  to  have  a  spotless  past? 

Apparently,  Poindexter  came  up  with  this  Dr. 
Strangelove-type  scheme  and  managed  to  sell  it  to 
Aldridge  and  the  Pentagon.  It  is  some  relief  that 
Poindexter  will  only  be  in  charge  of  development 
and  not  deployment. 

According  to  Fox  News,  Aldridge  said, “John  has  a 
real  passion  for  this  project.”  I’m  sure  he  does.  Can 
you  say  “megalomaniac”? 

The  key  issues  are  simple.  First,  can  such  a  system 


be  built?  1  would  suggest  that  it  can’t.  Sure,  a  data 
management  framework  can  be  put  together,  but 
think  of  the  scale  of  this  project:The  problems  of 
reliability  and  data  hygiene  are  insurmountable. 

Secondly,  the  potential  for  abuse  is  enormous.  If 
they  succeed  in  building  it,  what  would  be  consid¬ 
ered  an  abuse  of  the  database  early  in  its  life  would, 
in  time,  become  an  acceptable  use. 

Initially  the  database  would  be  used  for  what  it  was 
intended  —  to  identify  terrorists.Then  the  CIA  and 
FBI  would  get  access  for  other  reasons,  such  as  fight¬ 
ing  organized  crime.Then  the  Bureau  of  Alcohol, 
Tobacco  and  Firearms  and  the  Immigration  and 
Naturalization  Service  will  wheedle  in  for  “sound 
reasons.”  And  before  we  know  it  the  Forestry  Com¬ 
mission  and  Bureau  of  Land  Management  will  be 
feeding  at  the  trough. 

Thankfully  some  politicians  are  concerned  T1A 
might  be  dangerous.  Sen.  Dianne  Feinstein  (D-Calif.) 
told  the  San  Jose  Mercury  News  that  she  “plans  to 
introduce  legislation  to  ensure  thatTIA  does  not 
infringe  on  the  privacy  rights  of  Americans.” 

I’m  just  afraid  that  if  TIA  gets  off  the  ground.it  will 
be  on  such  a  scale  and  get  so  much  political  back¬ 
ing  that  legislation  such  as  Feinstein’s  will  be  ineffec¬ 
tive  in  controlling  Poindexter’s  monster. 

Worried  folks  gather  at  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Readers  get  another  turn 

One  last  word  of  thanks  before  we  move  on  to  the 
gift-giving  madness:  Buzz  truly  appreciates  almost 
all  of  you  who  take  the  time  to  send  e-mail. .  . .  The 
exceptions  know  who  you  are. 

Let's  look  the  recent  correspondence: 

A  number  of  writers  piped  up  to  clarify  a  column 
in  which  another  reader  had  cited  "The  Zappa 
Crappa  Factor"  —  namely  that  "90%  of  everything  is  crap." 

“Sturgeon's  Law.  as  it  is  known  among  programmers,  was  originally  spoken  by 
Theodore  Sturgeon,  and  the  original  words  were:  'Sure,  90%  of  science  fiction  is 
crud.  Ninety  percent  of  everything  is  crud,’"  Don  Rea  offers.  “Frank  Zappa  was  a 
genius,  to  be  sure,  but  he  wasn't  the  originator  of  everything  clever." 

Relative  to  an  item  about  the  demise  of  Slingshot,  another  reader  accuses  Buzz 
of  wielding  a  wide  brush  by  lumping  that  former  supplier  of  prepaid  Internet 
access  in  with  a  company  called  BAMnet. 

"BAMnet  has  a  great  concept  —  you  pay  6.5  cents  per  minute  of  time  used,” 
David  Hoerl  says.  “You  can  connect  for  1  minute  or  1,000  minutes  —  the  rate  is 
the  same.  There  is  no  prepayment,  up-front  investment,  or  monthly  charge  —  you 
get  billed  for  what  you  use,  period.” 

No  disrespect  was  intended  toward  BAMnet. 

A  column  about  rampant  tax  cheating  by  online  tobacco  merchants  and  those 
of  you  who  buy  the  cut-rate  smokes  drew  howls  from  opponents  of  online  taxes 
(“You'll  kill  the  Internet”),  and,  of  course,  the  hopeless  nicotine  addicts  (“What 

about  our  rights?’’). 

One  of  my  favorites  came  from  a  New  York  butt  fiend: 

“Smce  you  are  so  worried  about  the  nonpayment  of  these  outrageous  taxes  that 


you  and  the  mayor  seem  to  think  that  the  people  of  New  York  should  be  paying 
because  they  choose  to  smoke,  why  don’t  you  donate  some  of  your  salary  to  off¬ 
set  the  losses?  Until  then,  keep  your  opinion  to  yourself.” 

I  tried  explaining  to  her  that  keeping  my  opinions  to  myself  would  likely  result  in 
the  loss  of  my  salary,  which  in  turn  would  keep  me  from  contributing  to  the  cause 
of  the  poor,  beleaguered  smoker.  She  didn't  write  back. 

A  September  column  criticized  a  new  business  by  Go  Daddy  Software  called 
Domains  by  Proxy  because  it  will  potentially  render  useless  the  already  unreliable 
Whois  database  of  Web  site  operator  contact  information.  Reaction  from  those 
who  put  privacy  ahead  of  accountability  was  predictable.  There  also  were 
thornier  issues  raised,  such  as  Whois  being  a  spammer’s  delight . . .  and  this  one: 

"My  9-year-old  daughter  has  a  Web  site  with  a  really  great  domain  name.  She 
would  like  to  post  pictures  of  herself  and  her  friends,  but  because  of  the  Whois 
database,  I  have  not  allowed  her  to  post  anything  that  might  allow  her  to  be  iden¬ 
tified,"  Karen  Anderson  writes.  “While  I  appreciate  the  expediency  of  being  able 
to  contact  business-related  domain  owners  directly,  I  also  see  a  real  need  for  pri¬ 
vacy  protection  for  kids.” 

A  Buzz  rant  about  pop-up  ads  brought  out  a  surprising  number  of  pop-up 
defenders,  most  of  this  ilk: 

"I  don’t  understand  the  problem,"  Paul  Stafford  writes.  “Web  sites,  including 
yours,  need  some  way  to  make  money  to  keep  publishing.  Orbitz  ads  are  pop- 
unders,  not  -overs,  and  go  away  with  a  single  click.  The  ads  are  not  offensive.  They 
work,  so  Orbitz  is  likely  to  continue  supporting  online  content.  This  benefits  the 
very  people  who  are  complaining.  If  it  is  an  insufficient  trade-off  for  them,  they 
always  have  the  choice  to  stop  patronizing  the  sites  that  sell  pop-ups,  or  Orbitz, 
or  both.” 

It’s  that  last  part  that  will  be  bring  an  end  to  pop-ups  soon  enough. 

You,  too,  can  be  heard  here.  The  address  is'buzz@n ww.com. 


HOW  DO  YOU  IMPROVE  YOUR 
E-BUSINESS  EFFECTIVENESS? 


When  you  test  Web  performance,  what  you  really  want  to  know 
is  how  the  Web  is  affecting  your  bottom  line. That's  where 
Keynote  Systems  can  help. 

At  Keynote,  we  know  something  about  performance.  We  have  been 
benchmarking  the  world's  leading  Web  sites  for  nearly  a  decade. 
All  that  expertise  goes  into  Keynote's  performance  testing  services 
to  help  you  measure  the  effectiveness  of  your  e-business. 

Keynote  offers  services  to  help  you  test  every  aspect  of  your 
e-business,  including  scalability,  capacity,  user  experience,  and 
content  integrity.  Our  performance  testing  services  give  you  a 
360-degree  perspective  of  your  e-business  effectiveness. 

It's  the  least  you  can  expert  from 
the  Internet  Performance  Authority®. 

To  find  out  how  Keynote  testing  services  can  improve 
performance,  save  you  money,  and  increase  your  e-business 
effectiveness,  call  1 -800-KEYNOTE  (800-539-6683), 
or  go  to  www.keynote.com/nww 


IMPROVING  THE  QUALITY  OF  E-BUSINESS  WORLDWIDE. 


H  KEYNO 

The  Internet  Performance  A 


©  2002  Keynote  Systems,  Inc.  Keynote  and  the  Keynote  logo  are  registered  trademarks  of  Keynote  Systems,  Inc.  All  rights  reserved. 


■  Cost-effective  access 
routing  for  branch  office 
connectivity  and 
internet  access 

■  Recognizable  Command 
Line  Interface  (CLI) 

■  No  retraining  or 
costly  certification 

■  Built-in  stateful 
inspection  firewall 

■  Interoperable  with  other 
standards-based  routers 

■  Optional  PBX  connectivity 

■  Optional  dial 
backup  system 

■  Built-in  DSU/CSU  for 
WAN  termination 

■  Free  24x7  telephone 
technical  support 

■  Optional  extended 
installation  and 
maintenance  program 


This  powerful  new  access  router  from  ADTRAN  is  everything  you 
need  in  a  router,  and  then  some,  at  a  cost  that’s  up  to  55  percent 
less  than  other  brand  name  routers.  This  high-quality,  low-cost 
alternative  features  a  stateful  inspection  firewall,  a  DSU/CSU,  and  a 
familiar  CLI.  Comprehensive  dial  backup  and  PBX  connectivity  are 
available  at  a  minimal  cost.  Interoperable  with  other  standards-based 
routers,  the  NetVanta  3000  series  fits  seamlessly  into  your  existing 
network.  Backed  by  unlimited  telephone  support  and  a  5-year 
warranty,  the  NetVanta  3000  series  is  clearly  the  intelligent  choice. 

New  vendor  to  routing?  No  way!  ADTRAN  has  incorporated  its 
router  technology  into  selected  WAN  connectivity  products  for  the 
past  five  years;  with  more  than  75,000  now  installed  in  networks 
around  the  world.  The  NetVanta  3000  series  is  the  latest  in  a  long 
line  of  market-leading  internetworking  and  connectivity  solutions, 
from  a  company  with  a  17-year  history  of  customer  satisfaction. 


Dare  to  compare  the  new  NetVanta  3000  series! 

www.dare2compare.adtran.com 


877.212.0327  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRAN." 
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